Re: [mailop] Got any users in Texas? Better turn off your spam filters by Dec 2

[Jaroslaw Rafa via mailop]

Dnia 25.09.2021 o godz. 21:33:41 John Levine via mailop pisze:
> I believe you but I don't know how typical that is.  In the US, most
> land registries allow free online searches.  Property assesment info
> is also usually available.  I can download a PDF that shows the owner,
> assessed value, and tax bill of every property in my town.

I don't know for sure, but I think that in most countries these searches are
restricted in some way. For example, in my country, an average person can
access the info in land register only if they know the exact land register
record number - and that is information which is generally not publicly
available. You can basically know that number only from the property owner,
which requires some kind of previous contact with him/her. Only notaries,
bailiffs, court officials etc. are allowed to perform free searches in the
land register - and of course the information who performed the search, when
and for what is stored in system logs. There are a few "semi-legal" ;)
paid services that allow you to perform a search (using data that was
extracted from the registrar by unauthorized access to accounts of the
people who were allowed to perform searches - therefore I use the word
"semi-legal", because as they use illegally obtained data, they are in my
opinion in fact illegal - but nobody is actually punishing them and they
operate quite freely on the market), but you have to pay to view each result
returned, and the amount - compared to our prices and wages - is similar to
the one in Canada mentioned here.

And of course the data that is contained in the land register is itself
limited. You can the name and personal number (something like SSN in the
USA) of the owner (also past owners), date when the property was sold/bought
and some info about the mortgage (amount and bank name), if there is any -
and that's basically all.
-- 
Regards,
   Jaroslaw Rafa
   r...@rafa.eu.org
--
"In a million years, when kids go to school, they're gonna know: once there
was a Hushpuppy, and she lived with her daddy in the Bathtub."
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Got any users in Texas? Better turn off your spam filters by Dec 2

[Slavko via mailop]

Ahoj,

Dňa Sat, 25 Sep 2021 12:11:19 +0200 Alessandro Vesely via mailop
 napísal:

> On Fri 24/Sep/2021 19:55:51 +0200 Slavko Via Mailop wrote:
> > Good analogy, as street is as public as the Internet is. You do not
> > answer if are you publishing your identity on the street.  
> 
> Yes, you have to publish your identity if you open a shop or even a
> stall on the street.
> 

Yes, when you want provide (payed) services for others.

But not when you want to buy in it, nor when someone want to sell
something to you (i mean your identity, not seller one). Nor when you
want to invite friend in your home (they walk on the street too).

regards

-- 
Slavko
http://slavino.sk


pgpujlfGjC5YK.pgp
Description: Digitálny podpis OpenPGP
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Got any users in Texas? Better turn off your spam filters by Dec 2

[John Levine via mailop]

It appears that yuv via mailop  said:
>First, "open."  Here in Ontario, where I have write-privilege on the
>Land Registry (I register deeds, mortgages, and all sorts of other
>instruments for my clients), the cost of accessing the record is
>substantial enough to dissuade the equivalent of a spammer accessing
>the WHOIS record.  Historically, the openness of the record was limited
>because it had to be physically consulted at the local registry office.
>With the migration to electronic records and remote access, an
>unintentional and steep (approximately $40/record) paywall has been
>introduced. ...

I believe you but I don't know how typical that is.  In the US, most
land registries allow free online searches.  Property assesment info
is also usually available.  I can download a PDF that shows the owner,
assessed value, and tax bill of every property in my town.

If people want to hide the real owner, they typically use an LLC, but
now we're rather far off topic.

R's,
John
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Got any users in Texas? Better turn off your spam filters by Dec 2

[Jaroslaw Rafa via mailop]

Dnia 25.09.2021 o godz. 12:07:03 Alessandro Vesely via mailop pisze:
> 
> I'm not sure the disappearance of WHOIS data was mandated by GDPR.
> Lots of domains had anonymous contacts even before, as an initiative
> of the relevant registrars.  Then, all of a sudden, WHOIS servers
> were disabled.  An excessively prudent stance or the welcome
> occasion to finally dismiss hostmaster responsibilities?

Exactly this. GDPR does absolutely not require that this data should be
anonymized.
It is enough that during domian registration the registry requires your
consent to publish data in the WHOIS database and refuses to register domain
if you don't agree to have your data published. This is absolutely compliant
with the GDPR, because it's pretty easy for the registry to explain why
publication of this data is needed (you all have already explained it very
well in this thread).

It's just a poor implementation or mis-interpretation of GDPR that I was
writing about in my previous mail. It was probably easier/more beneficial
for the registries to do it that way.
-- 
Regards,
   Jaroslaw Rafa
   r...@rafa.eu.org
--
"In a million years, when kids go to school, they're gonna know: once there
was a Hushpuppy, and she lived with her daddy in the Bathtub."
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Got any users in Texas? Better turn off your spam filters by Dec 2

[Laura Atkins via mailop]

> On 25 Sep 2021, at 11:07, Alessandro Vesely via mailop  
> wrote:
> 
> On Fri 24/Sep/2021 13:44:49 +0200 Jaroslaw Rafa wrote:
>> Dnia 24.09.2021 o godz. 13:36:28 Sidsel Jensen via mailop pisze:
>>> 
>>> I think you misunderstood what Michael wrote. I think he was referring to
>>> the changes in WHOIS, which makes it harder to find correlating abusers,
>>> since the data is now hidden due to the implementation of GDPR.  Privacy
>>> is sometimes a two-edged sword.
>> Yes, I did mention that in my email. But despite this, I think overall GDPR
>> is a step in good direction.
> 
> 
> I'm not sure the disappearance of WHOIS data was mandated by GDPR. Lots of 
> domains had anonymous contacts even before, as an initiative of the relevant 
> registrars.  Then, all of a sudden, WHOIS servers were disabled.  An 
> excessively prudent stance or the welcome occasion to finally dismiss 
> hostmaster responsibilities?

In general the widespread restriction of whois data from the public was a 
response to GDPR. A lot of companies published privacy protected data and had 
fake data before GDPR. Many in the sending space (ESPs, certification 
providers, consultants, ISPs) expected legitimate senders to have valid data in 
their whois records. However, when GDPR came into effect the registrars 
themselves stopped publishing data in whois - nothing to do with the individual 
choice. In some cases individual businesses wanted to publish the data but 
their provider wouldn’t facilitate it.  

The underlying piece was that the registries didn’t want to have to deal with 
GDPR so their response was to make the data unavailable to the general public. 

However, some registrars stopped publishing whois data before GDPR as a way to 
prevent their customer from being scammed / abused / harassed. I went to a talk 
by one of the registrars so I could explain to them what a bad idea it was to 
stop publishing whois data. They presented all their data for why it was a good 
idea and how much spam, harassment and outright fraud they were protecting 
their users from. 

> Compare domains with number registries, where RDAP allows fully automated 
> abuse reporting —subject to the same laws.

I’m not sure what that has to do with the choices that the registrars / 
registries made under GDPR or to protect their userbase. 

laura

-- 
Having an Email Crisis?  800 823-9674 

Laura Atkins
Word to the Wise
la...@wordtothewise.com
(650) 437-0741  

Email Delivery Blog: http://wordtothewise.com/blog  





___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Got any users in Texas? Better turn off your spam filters by Dec 2

[Alessandro Vesely via mailop]

On Fri 24/Sep/2021 13:44:49 +0200 Jaroslaw Rafa wrote:

Dnia 24.09.2021 o godz. 13:36:28 Sidsel Jensen via mailop pisze:


I think you misunderstood what Michael wrote. I think he was referring to
the changes in WHOIS, which makes it harder to find correlating abusers,
since the data is now hidden due to the implementation of GDPR.  Privacy
is sometimes a two-edged sword.


Yes, I did mention that in my email. But despite this, I think overall GDPR
is a step in good direction.



I'm not sure the disappearance of WHOIS data was mandated by GDPR. 
Lots of domains had anonymous contacts even before, as an initiative 
of the relevant registrars.  Then, all of a sudden, WHOIS servers were 
disabled.  An excessively prudent stance or the welcome occasion to 
finally dismiss hostmaster responsibilities?


Compare domains with number registries, where RDAP allows fully 
automated abuse reporting —subject to the same laws.



Best
Ale
--






















___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Got any users in Texas? Better turn off your spam filters by Dec 2

[Alessandro Vesely via mailop]

On Fri 24/Sep/2021 19:55:51 +0200 Slavko Via Mailop wrote:

Dňa Fri, 24 Sep 2021 12:36:23 -0400 Bill Cole via mailop  
napísal:

On 2021-09-24 at 11:50:24 UTC-0400 (Fri, 24 Sep 2021 17:50:24 +0200) Slavko via 
mailop  is rumored to have said:


While i cannot comment mentioned OVH domain, i will ask, why
anyone have to know from WHOIS of my domain my name, or my
address or anything about me as private person? Yes, if someone
has archive of WHOIS response, it was there and i was not happy
from that. Are you having label with these info at top of face
when you are walking on the street?>>

Bad analogy.


Good analogy, as street is as public as the Internet is. You do not
answer if are you publishing your identity on the street.



Yes, you have to publish your identity if you open a shop or even a stall on 
the street.



Owning an operational domain name makes you a public person. A domain
name is a claim on a specific piece of the public commons of the DNS.
In many places (including the US and at least some European
countries) you can only own land if your 'title' to that land is
registered with the government in an open public record. In the US,
that title includes the record of past ownership and even sales
prices. A domain name is intrinsically connected to public
interaction.


And that is what GDPR exactly prevents. That anyone want/require that
others have to publish, what they don't want, only because they want to
know it. The RFC defines ways how to contact domain's services
maintainers (postmaster, hostmaster, abuse, etc). What more you need to
know?



Do you mean RFC 2142?  It is *not* an effective means to contact a domain's noc.



When you look at RFC, you will found, that it say about server's
identity (HELO/EHLO) nothing more, nothing less. And even tells, that
no one have to reject emails based on that identity checks...



That was never meant to depreciate the HELO/EHLO identity.  That oversight is 
removed in the next version of SMTP:
https://datatracker.ietf.org/doc/html/draft-ietf-emailcore-rfc5321bis

Instead, an accompanying applicability statement is going to say:

   If the "Domain" argument to the EHLO command does not have an address
   record in the DNS that matches the IP address of the client, the SMTP
   server may refuse any mail from the client as part of established
   anti-abuse practice.  Operational experience has demonstrated that
   the lack of a matching address record for the the domain name
   argument is at best an indication of a poorly-configured MTA, and at
   worst that of an abusive host.
   https://datatracker.ietf.org/doc/html/draft-ietf-emailcore-as#section-2.1



I do not know how in USA, but in our country the government has tools
to know my identity, if there is legal reason (and court approve it).
How legal is your reason, beside that you want to know it?



The usual way is to go through the ISP, not the government.  Not all ISPs hand 
out an email address whereby to contact a responsive abuse team.  It is common 
practice to deny access to IPs corresponding to non-compliant providers.


Best
Ale
--














___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Got any users in Texas? Better turn off your spam filters by Dec 2

[yuv via mailop]

On Fri, 2021-09-24 at 12:36 -0400, Bill Cole via mailop wrote:
> Owning an operational domain name makes you a public person.
[...]
> In many places (including the US and at least some European
> countries) you can only own land if your 'title' to that land is
> registered with the government in an open public record.

In principle, YES!  However, there are limitations and safeguards in
place, some of which historical and unintentional, that prevent abuse
of that open and public record.

First, "open."  Here in Ontario, where I have write-privilege on the
Land Registry (I register deeds, mortgages, and all sorts of other
instruments for my clients), the cost of accessing the record is
substantial enough to dissuade the equivalent of a spammer accessing
the WHOIS record.  Historically, the openness of the record was limited
because it had to be physically consulted at the local registry office.
With the migration to electronic records and remote access, an
unintentional and steep (approximately $40/record) paywall has been
introduced.  The government has given a way too generous contract to
the IT company that developed and operates the database (and cash most
of that paywall revenue).  I would argue that read-access should be
completely free of charge and with a public API, much like the WHOIS
record, however, see the third point below why it is not a good idea.

Second, even in the Land Registry I can obfuscate the name of the
ultimate individual in control/ownership with a few legal tools:  I can
register land in the name of a trust or a corporation.  In those cases,
the contact details that can be found publicly are for some proxy
trustees or directors, but the names of the beneficiaries /
shareholders remain private, like the many privacy services offered
with domain name registration.  In recent years (since 2017) I must
disclose beneficial ownership to the Ministry of Finance, but that is
solely for taxation purpose and the information is not public.

Third, purpose.  The purpose of the land registry, and of the WHOIS
database, are matching owners with their responsibility.  If it was
possible to restrict usage of the WHOIS data for the sole purpose of
making the owner responsible for the land/domain, I would be against
the obfuscation of the ultimate owners behind privacy services. 
However, because it is not possible, having a proxy service that
forwards legitimate messages to the owner while blocking out spammers
and scammers of all sorts is a welcome element in the system.  I do not
miss the snailmail spam from the nineties, addressed to my WHOIS
contact details, selling directory entries or trying to fool me into
migrating my domains to their registry.

We all recognize a spammer when we see one, and yet it is so difficult
to root them out!

--
Yuval Levy, JD, MBA, CFA
Ontario-licensed lawyer


___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Got any users in Texas? Better turn off your spam filters by Dec 2

[Brandon Long via mailop]

https://www.theverge.com/2021/9/22/22688331/texas-hb-20-first-amendment-lawsuit-social-media-censorship

though not over the email spam provision at this time.  The text of the law
contains the usual severability provisions, but I won't make
any predictions what, if any, parts of this survive til Dec 2nd.

Brandon

On Thu, Sep 23, 2021 at 7:48 PM John Levine via mailop 
wrote:

> A bizarre new Texas law makes most spam filtering illegal, effective Dec 2:
>
>  “An electronic mail service provider may not intentionally impede the
> transmission of another person’s electronic mail message based on the
> content of the message” unless:
>
> * it “provides a process for the prompt, good faith resolution of a
> dispute related to the blocking with the sender of the commercial
> electronic mail message” or
>
> * “the provider has a good faith, reasonable belief that the message
> contains malicious computer code, obscene material, material depicting
> sexual conduct, or material that violates other law”
>
> Senders who are blocked can sue for $10/msg up to $25K/day.  If I had any
> users in Texas, I would turn off all the spam filtering.
> Why take the risk?
>
> If you think this is mind-bogglingly stupid and nobody in their right mind
> would pass such a law, you are correct, but, you know, Texas.
>
> More info here:
>
>
> https://blog.ericgoldman.org/archives/2021/09/texas-enacts-social-media-censorship-law-to-benefit-anti-vaxxers-spammers.htm
>
> R's,
> John
> ___
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop
>
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Got any users in Texas? Better turn off your spam filters by Dec 2

[Steven Champeon via mailop]

on Fri, Sep 24, 2021 at 12:36:23PM -0400, Bill Cole via mailop wrote:
> Owning an operational domain name makes you a public person. A
> domain name is a claim on a specific piece of the public commons of
> the DNS. In many places (including the US and at least some European
> countries) you can only own land if your 'title' to that land is
> registered with the government in an open public record. In the US,
> that title includes the record of past ownership and even sales
> prices. A domain name is intrinsically connected to public
> interaction.

This. 

If you want to operate a private LAN with RFC1918 addressing that isn't
connected to the public Internet, by all means, register domains to use
on that LAN (or even WAN) with cloaked bullshit, whatever the excuse you
want to use - or don't bother, because nobody else will ever need to
know why you're using those domains, because they're not public. Once
you decide you want to participate in the public Internet, you have a
basic responsibility to be accountable for abuse emanating from that
participation, and part of that is being able to demonstrate who you are
and who to contact to report such abuse. The GDPR is pointless, as I've
said upthread, because massive interconnectedness ALREADY makes all of
the information that might have shown up in a WHOIS lookup public
information. Does anyone really think that cloaked WHOIS is anything
more than a way for registrars to make more money? I'm still pissed that
I once renewed a domain registration and they cloaked my information
(and charged me for it) because I missed a checkbox. Lunacy and vile
idiocy combined with profit motive is all this amounts to, and making
futile arguments about "personal privacy" is so much dross. Want to be
a private person? Stay out of the public sphere. 

-- 
hesketh.com/inc. v: +1(919)834-2552 f: +1(919)834-2553 w: http://hesketh.com/
Internet security and antispam hostname intelligence: http://enemieslist.com/
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Got any users in Texas? Better turn off your spam filters by Dec 2

[Jarland Donnell via mailop]

I seem to have plenty of time for nuance. I value privacy for my 
customers, very little for myself. I'm routinely annoyed by the 
anonymity of career spammers, which is exactly why I know they'll never 
meet me in a court room. They'd have to give it up.


On 2021-09-24 23:05, Luke via mailop wrote:

Its 2021. You either love privacy or you hate privacy. Pick a side.
Who has time for nuance.

On Fri, Sep 24, 2021, 1:11 PM Jarland Donnell via mailop
 wrote:


What will be better with my services, when i publish my name? Do

you

know me? What will prevent me to publish fictive name or use

someone

else to register domain for me? You do not need know me, you only

need

to know, if my servers abuse you or not. Nothing more, nothing

less,

exactly as on the street. Or do you care about identity of all

people

on the street, which want something from you? I doubt...


It's accountability. If you published fake info you could lose the
domain. If you abuse me and I know who you are, I know who to file a

police report / lawsuit against. There are many legitimate use cases
for
anonymity, but plenty more cases where it's used to protect and
safeguard abusive people from being held accountable in public.

On 2021-09-24 19:55, Slavko via mailop wrote:

Ahoj,

Dňa Fri, 24 Sep 2021 12:36:23 -0400 Bill Cole via mailop
 napísal:


On 2021-09-24 at 11:50:24 UTC-0400 (Fri, 24 Sep 2021 17:50:24

+0200)

Slavko via mailop 
is rumored to have said:


While i cannot comment mentioned OVH domain, i will ask, why

anyone

have to know from WHOIS of my domain my name, or my address or
anything
about me as private person? Yes, if someone has archive of

WHOIS

response, it was there and i was not happy from that. Are you

having

label with these info at top of face when you are walking on

the

street?


Bad analogy.


Good analogy, as street is as public as the Internet is. You do

not

answer if are you publishing your identity on the street.


Owning an operational domain name makes you a public person. A

domain

name is a claim on a specific piece of the public commons of the

DNS.

In many places (including the US and at least some European
countries) you can only own land if your 'title' to that land is
registered with the government in an open public record. In the

US,

that title includes the record of past ownership and even sales
prices. A domain name is intrinsically connected to public
interaction.


And that is what GDPR exactly prevents. That anyone want/require

that

others have to publish, what they don't want, only because they

want to

know it. The RFC defines ways how to contact domain's services
maintainers (postmaster, hostmaster, abuse, etc). What more you

need to

know?

What will be better with my services, when i publish my name? Do

you

know me? What will prevent me to publish fictive name or use

someone

else to register domain for me? You do not need know me, you only

need

to know, if my servers abuse you or not. Nothing more, nothing

less,

exactly as on the street. Or do you care about identity of all

people

on the street, which want something from you? I doubt...

When you look at RFC, you will found, that it say about server's
identity (HELO/EHLO) nothing more, nothing less. And even tells,

that

no one have to reject emails based on that identity checks...

I do not know how in USA, but in our country the government has

tools

to know my identity, if there is legal reason (and court approve

it).

How legal is your reason, beside that you want to know it?

In our country's neighbor, here is one saying (i will no try to
translate it): "jména hloupých na všech sloupích", see




https://cs.wiktionary.org/wiki/jm%C3%A9na_hloup%C3%BDch_na_v%C5%A1ech_sloup%C3%ADch


regards

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Got any users in Texas? Better turn off your spam filters by Dec 2

[Grant Taylor via mailop]

On 9/24/21 3:05 PM, Luke via mailop wrote:

Its 2021.


What does the year have to do with it?


You either love privacy or you hate privacy. Pick a side.


I love using privacy from a personal / individual stand point.

I dislike (but don't hate) privacy from a network administrator's 
standpoint because of the complications it brings along with it.



Who has time for nuance.


I do.

I know many others that do.

I expect the three letter governmental agencies love to use privacy to 
protect their communications while also hating it when others hide 
communications from them.  So I suspect that said governmental agencies 
have time for nuance too.


It depends.™



--
Grant. . . .
unix || die



smime.p7s
Description: S/MIME Cryptographic Signature
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Got any users in Texas? Better turn off your spam filters by Dec 2

[Luke via mailop]

Its 2021. You either love privacy or you hate privacy. Pick a side. Who has
time for nuance.

On Fri, Sep 24, 2021, 1:11 PM Jarland Donnell via mailop 
wrote:

> > What will be better with my services, when i publish my name? Do you
> > know me? What will prevent me to publish fictive name or use someone
> > else to register domain for me? You do not need know me, you only need
> > to know, if my servers abuse you or not. Nothing more, nothing less,
> > exactly as on the street. Or do you care about identity of all people
> > on the street, which want something from you? I doubt...
>
> It's accountability. If you published fake info you could lose the
> domain. If you abuse me and I know who you are, I know who to file a
> police report / lawsuit against. There are many legitimate use cases for
> anonymity, but plenty more cases where it's used to protect and
> safeguard abusive people from being held accountable in public.
>
> On 2021-09-24 19:55, Slavko via mailop wrote:
> > Ahoj,
> >
> > Dňa Fri, 24 Sep 2021 12:36:23 -0400 Bill Cole via mailop
> >  napísal:
> >
> >> On 2021-09-24 at 11:50:24 UTC-0400 (Fri, 24 Sep 2021 17:50:24 +0200)
> >> Slavko via mailop 
> >> is rumored to have said:
> >>
> >> > While i cannot comment mentioned OVH domain, i will ask, why anyone
> >> > have to know from WHOIS of my domain my name, or my address or
> >> > anything
> >> > about me as private person? Yes, if someone has archive of WHOIS
> >> > response, it was there and i was not happy from that. Are you having
> >> > label with these info at top of face when you are walking on the
> >> > street?
> >>
> >> Bad analogy.
> >
> > Good analogy, as street is as public as the Internet is. You do not
> > answer if are you publishing your identity on the street.
> >
> >> Owning an operational domain name makes you a public person. A domain
> >> name is a claim on a specific piece of the public commons of the DNS.
> >> In many places (including the US and at least some European
> >> countries) you can only own land if your 'title' to that land is
> >> registered with the government in an open public record. In the US,
> >> that title includes the record of past ownership and even sales
> >> prices. A domain name is intrinsically connected to public
> >> interaction.
> >
> > And that is what GDPR exactly prevents. That anyone want/require that
> > others have to publish, what they don't want, only because they want to
> > know it. The RFC defines ways how to contact domain's services
> > maintainers (postmaster, hostmaster, abuse, etc). What more you need to
> > know?
> >
> > What will be better with my services, when i publish my name? Do you
> > know me? What will prevent me to publish fictive name or use someone
> > else to register domain for me? You do not need know me, you only need
> > to know, if my servers abuse you or not. Nothing more, nothing less,
> > exactly as on the street. Or do you care about identity of all people
> > on the street, which want something from you? I doubt...
> >
> > When you look at RFC, you will found, that it say about server's
> > identity (HELO/EHLO) nothing more, nothing less. And even tells, that
> > no one have to reject emails based on that identity checks...
> >
> > I do not know how in USA, but in our country the government has tools
> > to know my identity, if there is legal reason (and court approve it).
> > How legal is your reason, beside that you want to know it?
> >
> > In our country's neighbor, here is one saying (i will no try to
> > translate it): "jména hloupých na všech sloupích", see
> >
> https://cs.wiktionary.org/wiki/jm%C3%A9na_hloup%C3%BDch_na_v%C5%A1ech_sloup%C3%ADch
> >
> > regards
> >
> > ___
> > mailop mailing list
> > mailop@mailop.org
> > https://list.mailop.org/listinfo/mailop
> ___
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop
>
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Got any users in Texas? Better turn off your spam filters by Dec 2

[Jarland Donnell via mailop]

What will be better with my services, when i publish my name? Do you
know me? What will prevent me to publish fictive name or use someone
else to register domain for me? You do not need know me, you only need
to know, if my servers abuse you or not. Nothing more, nothing less,
exactly as on the street. Or do you care about identity of all people
on the street, which want something from you? I doubt...


It's accountability. If you published fake info you could lose the 
domain. If you abuse me and I know who you are, I know who to file a 
police report / lawsuit against. There are many legitimate use cases for 
anonymity, but plenty more cases where it's used to protect and 
safeguard abusive people from being held accountable in public.


On 2021-09-24 19:55, Slavko via mailop wrote:

Ahoj,

Dňa Fri, 24 Sep 2021 12:36:23 -0400 Bill Cole via mailop
 napísal:


On 2021-09-24 at 11:50:24 UTC-0400 (Fri, 24 Sep 2021 17:50:24 +0200)
Slavko via mailop 
is rumored to have said:

> While i cannot comment mentioned OVH domain, i will ask, why anyone
> have to know from WHOIS of my domain my name, or my address or
> anything
> about me as private person? Yes, if someone has archive of WHOIS
> response, it was there and i was not happy from that. Are you having
> label with these info at top of face when you are walking on the
> street?

Bad analogy.


Good analogy, as street is as public as the Internet is. You do not
answer if are you publishing your identity on the street.


Owning an operational domain name makes you a public person. A domain
name is a claim on a specific piece of the public commons of the DNS.
In many places (including the US and at least some European
countries) you can only own land if your 'title' to that land is
registered with the government in an open public record. In the US,
that title includes the record of past ownership and even sales
prices. A domain name is intrinsically connected to public
interaction.


And that is what GDPR exactly prevents. That anyone want/require that
others have to publish, what they don't want, only because they want to
know it. The RFC defines ways how to contact domain's services
maintainers (postmaster, hostmaster, abuse, etc). What more you need to
know?

What will be better with my services, when i publish my name? Do you
know me? What will prevent me to publish fictive name or use someone
else to register domain for me? You do not need know me, you only need
to know, if my servers abuse you or not. Nothing more, nothing less,
exactly as on the street. Or do you care about identity of all people
on the street, which want something from you? I doubt...

When you look at RFC, you will found, that it say about server's
identity (HELO/EHLO) nothing more, nothing less. And even tells, that
no one have to reject emails based on that identity checks...

I do not know how in USA, but in our country the government has tools
to know my identity, if there is legal reason (and court approve it).
How legal is your reason, beside that you want to know it?

In our country's neighbor, here is one saying (i will no try to
translate it): "jména hloupých na všech sloupích", see
https://cs.wiktionary.org/wiki/jm%C3%A9na_hloup%C3%BDch_na_v%C5%A1ech_sloup%C3%ADch

regards

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Got any users in Texas? Better turn off your spam filters by Dec 2

[Slavko via mailop]

Ahoj,

Dňa Fri, 24 Sep 2021 12:36:23 -0400 Bill Cole via mailop
 napísal:

> On 2021-09-24 at 11:50:24 UTC-0400 (Fri, 24 Sep 2021 17:50:24 +0200)
> Slavko via mailop 
> is rumored to have said:
> 
> > While i cannot comment mentioned OVH domain, i will ask, why anyone
> > have to know from WHOIS of my domain my name, or my address or 
> > anything
> > about me as private person? Yes, if someone has archive of WHOIS
> > response, it was there and i was not happy from that. Are you having
> > label with these info at top of face when you are walking on the 
> > street?  
> 
> Bad analogy.

Good analogy, as street is as public as the Internet is. You do not
answer if are you publishing your identity on the street.

> Owning an operational domain name makes you a public person. A domain 
> name is a claim on a specific piece of the public commons of the DNS.
> In many places (including the US and at least some European
> countries) you can only own land if your 'title' to that land is
> registered with the government in an open public record. In the US,
> that title includes the record of past ownership and even sales
> prices. A domain name is intrinsically connected to public
> interaction.

And that is what GDPR exactly prevents. That anyone want/require that
others have to publish, what they don't want, only because they want to
know it. The RFC defines ways how to contact domain's services
maintainers (postmaster, hostmaster, abuse, etc). What more you need to
know?

What will be better with my services, when i publish my name? Do you
know me? What will prevent me to publish fictive name or use someone
else to register domain for me? You do not need know me, you only need
to know, if my servers abuse you or not. Nothing more, nothing less,
exactly as on the street. Or do you care about identity of all people
on the street, which want something from you? I doubt...

When you look at RFC, you will found, that it say about server's
identity (HELO/EHLO) nothing more, nothing less. And even tells, that
no one have to reject emails based on that identity checks...

I do not know how in USA, but in our country the government has tools
to know my identity, if there is legal reason (and court approve it).
How legal is your reason, beside that you want to know it?

In our country's neighbor, here is one saying (i will no try to
translate it): "jména hloupých na všech sloupích", see
https://cs.wiktionary.org/wiki/jm%C3%A9na_hloup%C3%BDch_na_v%C5%A1ech_sloup%C3%ADch

regards

-- 
Slavko
http://slavino.sk


pgpEB_iIiMh3c.pgp
Description: Digitálny podpis OpenPGP
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Got any users in Texas? Better turn off your spam filters by Dec 2

[Mickey Chandler via mailop]

I'm not going to dispute that the law is dumb (because it certainly is),
but Prof. Goldman misses the mark on the spam filtering issue, I think.  If
he mentioned new Tex. Bus. & Comm. Code Sec. 321.054(1) ("the provider is
authorized to block the transmission under Section 321.114 or other
applicable state or federal law") in his blog post then I missed it over
about 3 readings of the blog post and specific word searches of the post
for "authorized" and "federal."

It doesn't say "required to block" but "authorized to block."

Again, the law is really dumb, but I'm not sure that it requires the
Chicken Little treatment.

On Thu, Sep 23, 2021 at 9:51 PM John Levine via mailop 
wrote:

> A bizarre new Texas law makes most spam filtering illegal, effective Dec 2:
>
>  “An electronic mail service provider may not intentionally impede the
> transmission of another person’s electronic mail message based on the
> content of the message” unless:
>
> * it “provides a process for the prompt, good faith resolution of a
> dispute related to the blocking with the sender of the commercial
> electronic mail message” or
>
> * “the provider has a good faith, reasonable belief that the message
> contains malicious computer code, obscene material, material depicting
> sexual conduct, or material that violates other law”
>
> Senders who are blocked can sue for $10/msg up to $25K/day.  If I had any
> users in Texas, I would turn off all the spam filtering.
> Why take the risk?
>
> If you think this is mind-bogglingly stupid and nobody in their right mind
> would pass such a law, you are correct, but, you know, Texas.
>
> More info here:
>
>
> https://blog.ericgoldman.org/archives/2021/09/texas-enacts-social-media-censorship-law-to-benefit-anti-vaxxers-spammers.htm
>
> R's,
> John
> ___
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop
>
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Got any users in Texas? Better turn off your spam filters by Dec 2

[Hans-Martin Mosner via mailop]

Am 24.09.21 um 17:50 schrieb Slavko via mailop:
>
> While i cannot comment mentioned OVH domain, i will ask, why anyone
> have to know from WHOIS of my domain my name, or my address or anything
> about me as private person? Yes, if someone has archive of WHOIS
> response, it was there and i was not happy from that. Are you having
> label with these info at top of face when you are walking on the street?
>
> That some companies are misusing GDPR to hide own identity? That
> doesn't mean, that GDPR is bad, it only shows that some companies are
> (at least) suspicious. While it still can be private domain...

In the context of e-mail and especially e-mail abuse, the central thing is 
trust. When SMTP servers communicate with
each other, they implicitly trust each other to be responsible internet 
participants. I can't trust a server whose
operator keeps his identity secret.

In the early times of the internet it was easy to find who was the technical or 
administrative contact for a mail server
and bring up issues such as delivery problems or unwanted mail from their users 
directly with them. Whois was an
important part of enabling that. It also enabled mail admins to identify 
whether some mail server was operated by a
spammer, and take appropriate measures to keep the spam out of their servers.

Today this is absolutely impossible. On one hand, it is pretty time-consuming 
to find a real technical contact for
example to tell them that their mail isn't being accepted due to incorrect SPF 
records or invalid reverse DNS settings.
I still hunt down contacts once in a while, but less and less so because I 
don't seem to find postmaster colleagues who
appreciate being informed about problems and at least send a quick "thanks" 
response.

On the other hand, identifying spamming organizations takes a lot of sleuthing 
and is still inaccurate guesswork (to me
at least). NameCheap, Cloudflare, Domaincontrol as registrars and the various 
hosting providers go out of their way to
keep the names of their spamming customers secret. These spammers are not 
private persons who are under GDPR protection
but commercial entities who don't care that they are violating my and my users' 
right to self-determined communications
and mailboxes without loads of spam. It's not "some companies", it's hundreds, 
and they are registering thousands of
domain names per month to keep people from identifying and blocking them.

In Germany, it's against the law to operate a website (even if it's the 
homepage of a local rabbit breeders club, as
only personal and family uses are exempt) without having an accurate impress 
listing the names of the responsible
persons (natural person or legal entity), address, e-mail and phone contacts. I 
think this is way too broad, especially
regarding the border between private and public websites, but I also think it 
is absolutely crazy that for senders of
commercial advertisements via e-mail none of this is necessary, and they can 
hide behind lame GDPR excuses even though
it is totally clear that they are acting commercially. Of course, german law 
does not and should not apply to the rest
of the world, but I think most civilized societies have some notion of 
truthfulness in commerce, you need to at least be
able to know who you're dealing with when someone tries to sell you something 
or to influence you in other ways.

Cheers,
Hans-Martin

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Got any users in Texas? Better turn off your spam filters by Dec 2

[Bill Cole via mailop]

On 2021-09-24 at 11:50:24 UTC-0400 (Fri, 24 Sep 2021 17:50:24 +0200)
Slavko via mailop 
is rumored to have said:


While i cannot comment mentioned OVH domain, i will ask, why anyone
have to know from WHOIS of my domain my name, or my address or 
anything

about me as private person? Yes, if someone has archive of WHOIS
response, it was there and i was not happy from that. Are you having
label with these info at top of face when you are walking on the 
street?


Bad analogy.

Owning an operational domain name makes you a public person. A domain 
name is a claim on a specific piece of the public commons of the DNS. In 
many places (including the US and at least some European countries) you 
can only own land if your 'title' to that land is registered with the 
government in an open public record. In the US, that title includes the 
record of past ownership and even sales prices. A domain name is 
intrinsically connected to public interaction.




--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Got any users in Texas? Better turn off your spam filters by Dec 2

[Slavko via mailop]

Ahoj,

Dňa Fri, 24 Sep 2021 14:45:08 + Steven Champeon via mailop
 napísal:

> Looking up the domain in Google gives you the parent organization, as
> well as a link to a French Wikipedia page containing their address,
> leadership, history, URL, etc. so the net effect is that GDPR
> destroying WHOIS has provided absolutely no "privacy protection", and
> the illusory belief that blocking one of thousands of potential
> sources of information will protect anyone's privacy (not that
> corporations are people, despite whatever laws may state the
> contrary) is asinine and delusional.

While i cannot comment mentioned OVH domain, i will ask, why anyone
have to know from WHOIS of my domain my name, or my address or anything
about me as private person? Yes, if someone has archive of WHOIS
response, it was there and i was not happy from that. Are you having
label with these info at top of face when you are walking on the street?

That some companies are misusing GDPR to hide own identity? That
doesn't mean, that GDPR is bad, it only shows that some companies are
(at least) suspicious. While it still can be private domain...

As someone already mention, GDPR is step in good direction. Not
perfect nor without problems, but good step and good direction.

-- 
Slavko
http://slavino.sk


pgpBaYUJ6qChJ.pgp
Description: Digitálny podpis OpenPGP
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Got any users in Texas? Better turn off your spam filters by Dec 2

[Steven Champeon via mailop]

on Fri, Sep 24, 2021 at 11:40:22AM +0200, Jaroslaw Rafa via mailop wrote:
> This *is* a law that "helps protect the innocent victims". Yes, it is
> sometimes poorly (or intentionally wrongly) implemented, such an abusing the
> "legitimate interest" concept included in the GDPR by many advertisers to
> still flood you with advertising. It may also have unwanted consequences as
> anonymizing the data of domain holders in registries, if these holders are
> private persons. But in fact in my opinion GDPR is overall a good step in
> protecting the rights of the individual.

This is the output of a whois lookup of a domain hosted by OVH:

Registry Registrant ID:
Registrant Name: REDACTED FOR PRIVACY
Registrant Organization: LOCARCHIVES
Registrant Street: REDACTED FOR PRIVACY
Registrant City: REDACTED FOR PRIVACY
Registrant State/Province: 
Registrant Postal Code: REDACTED FOR PRIVACY
Registrant Country: FR
Registrant Phone: REDACTED FOR PRIVACY
Registrant Phone Ext: REDACTED FOR PRIVACY
Registrant Fax: REDACTED FOR PRIVACY
Registrant Fax Ext: REDACTED FOR PRIVACY
Registrant Email: REDACTED FOR PRIVACY. Send message to contact by visiting 
https://www.ovhcloud.com/en/lp/request-ovhcloud-registered-domain/
Registry Admin ID:
Admin Name: REDACTED FOR PRIVACY
Admin Organization: REDACTED FOR PRIVACY
Admin Street: REDACTED FOR PRIVACY
Admin City: REDACTED FOR PRIVACY
Admin State/Province: REDACTED FOR PRIVACY
Admin Postal Code: REDACTED FOR PRIVACY
Admin Country: REDACTED FOR PRIVACY
Admin Phone: REDACTED FOR PRIVACY
Admin Phone Ext: REDACTED FOR PRIVACY
Admin Fax: REDACTED FOR PRIVACY
Admin Fax Ext: REDACTED FOR PRIVACY
Admin Email: REDACTED FOR PRIVACY. Send message to contact by visiting 
https://www.ovhcloud.com/en/lp/request-ovhcloud-registered-domain/
Registry Tech ID:
Tech Name: REDACTED FOR PRIVACY
Tech Organization: REDACTED FOR PRIVACY
Tech Street: REDACTED FOR PRIVACY
Tech City: REDACTED FOR PRIVACY
Tech State/Province: REDACTED FOR PRIVACY
Tech Postal Code: REDACTED FOR PRIVACY
Tech Country: REDACTED FOR PRIVACY
Tech Phone: REDACTED FOR PRIVACY
Tech Phone Ext: REDACTED FOR PRIVACY
Tech Fax: REDACTED FOR PRIVACY
Tech Fax Ext: REDACTED FOR PRIVACY
Tech Email: REDACTED FOR PRIVACY. Send message to contact by visiting 
https://www.ovhcloud.com/en/lp/request-ovhcloud-registered-domain/
Name Server: dns105.ovh.net
Name Server: ns105.ovh.net
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System:
http://wdprs.internic.net/
>>> Last update of WHOIS database: 2021-07-01T17:56:10.0Z <<<

I count two useful data points. What a ridiculous waste of time,
resources, energy, and effort. And that's followed by some 60+ lines of
explanatory language in both French and English, which is a pack of lies
on the face of it ("The data in this Whois is at your disposal with the
aim of supplying you the information only, that is helping you in the
obtaining of the information about or related to a domain name
registration record."). Three if you count the name servers, but I don't
generally regard an NS record as PII, especially when it's one from one
of the largest Web hosting conglomerates in the world.

Visiting the domain in a browser redirects to a OVH webmail login screen.

Looking up the domain in Google gives you the parent organization, as
well as a link to a French Wikipedia page containing their address,
leadership, history, URL, etc. so the net effect is that GDPR destroying
WHOIS has provided absolutely no "privacy protection", and the illusory
belief that blocking one of thousands of potential sources of
information will protect anyone's privacy (not that corporations are
people, despite whatever laws may state the contrary) is asinine and
delusional.

-- 
hesketh.com/inc. v: +1(919)834-2552 f: +1(919)834-2553 w: http://hesketh.com/
Internet security and antispam hostname intelligence: http://enemieslist.com/
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Got any users in Texas? Better turn off your spam filters by Dec 2

[Anne P. Mitchell, Esq. via mailop]

> On Sep 23, 2021, at 9:08 PM, John Levine via mailop  wrote:
> 
> It appears that Jarland Donnell via mailop  said:
>>> * “the provider has a good faith, reasonable belief that the message
>>> contains malicious computer code, obscene material, material depicting
>>> sexual conduct, or material that violates other law”
>> 
>> And guess what I have on all of my spam filters? Good faith, reasonable 
>> evidence and belief that it contains material which violates the law: 
>> https://en.wikipedia.org/wiki/CAN-SPAM_Act_of_2003
> 
> CAN SPAM *allows* you to filter but it does not *require* you to filter.  
> Under CAN SPAM,
> unsolicited ads are entirely legal if they have an opt-out link and are not 
> deceptive.

However, CAN-SPAM is Federal law, which trumps state law - even, yes, Texas law 
(editorial comment about Texas and their view of their laws withheld).

Anne

--
Anne P. Mitchell,  Attorney at Law
CEO Get to the Inbox - We get you into the inbox!
Author: The Email Deliverability Handbook
Author: Section 6 of the Federal Email Marketing Law (CAN-SPAM)
Email Marketing Deliverability and Best Practices Expert
Board of Directors, Denver Internet Exchange
Chair Emeritus, Asilomar Microcomputer Workshop
Former Counsel: MAPS Anti-Spam Blacklist
Location: Boulder, Colorado
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Got any users in Texas? Better turn off your spam filters by Dec 2

[yuv via mailop]

On Fri, 2021-09-24 at 13:36 +0200, Sidsel Jensen via mailop wrote:
>  Privacy is sometimes a two-edged sword.

Privacy is a two-concepts word whose combination is misunderstood by
most: Property+Secrecy.

Property: the right to exclude others from using what is yours.  
Secrecy: the effort to hide what is yours from others.

Property is easier to understand when applied to cars, buildings, and
other objects composed of atoms.  However, it applies also to email
addresses, movies, and other objects composed by a sequence of bits. 
The difficulty with Privacy=Property in the digital realm is that some
sequences of bits are given more (legal) protection than others.  Just
because the door is not locked it does not mean that the thieves may
come in and serve themselves.

Yuv
--
Yuval Levy, JD, MBA, CFA
Ontario-licensed lawyer


___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Got any users in Texas? Better turn off your spam filters by Dec 2

[Zach Rose via mailop]

In my estimation, how would they know that it didn't get to the inbox if
you... just don't tell them? Possibly a naive thought, possibly not.


*Zach RoseEmail Deliverability Manager*
[image: SharpSpring Marketing Automation] 
Partner Support: 1-888-428-9605, option 1 E: zach...@sharpspring.com W:
www.sharpspring.com
  
 


On Fri, Sep 24, 2021 at 7:56 AM Michael Ströder via mailop <
mailop@mailop.org> wrote:

> On 9/24/21 13:36, Sidsel Jensen via mailop wrote:
> > I think you misunderstood what Michael wrote. I think he was refering
> > to the changes in WHOIS, which makes it harder to find correlating
> > abusers, since the data is now hidden due to the implementation of
> > GDPR. Privacy is sometimes a two-edged sword.
> And gathered WHOIS data was also often used for spamming...
>
> Ciao, Michael.
>
> >> On 24 Sep 2021, at 11.40, Jaroslaw Rafa via mailop 
> wrote:
> >>
> >> Dnia 23.09.2021 o godz. 20:41:41 Michael Peddemors via mailop pisze:
> >>> It's just really sad, that instead of going after malicious
> >>> dangerous offenders we keep bringing on new laws to make it harder
> >>> to do so. GDPR, anonymous domain registries etc..
> >>
> >> Why do you assume that GDPR is a law directed to facilitate spamming or
> >> similar activities?
> >>
> >> GDPR basically says that nobody is allowed to use your personal data
> (which
> >> includes your e-mail address) without clearly explaining who uses the
> data,
> >> which data is used, for what purpose and on which legal basis. And in
> most
> >> cases, the legal basis is the consent of the individual in question. So
> one
> >> of the implications of GDPR is that nobody is allowed to spam you
> without
> >> your consent.
> >>
> >> This *is* a law that "helps protect the innocent victims". Yes, it is
> >> sometimes poorly (or intentionally wrongly) implemented, such an
> abusing the
> >> "legitimate interest" concept included in the GDPR by many advertisers
> to
> >> still flood you with advertising. It may also have unwanted
> consequences as
> >> anonymizing the data of domain holders in registries, if these holders
> are
> >> private persons. But in fact in my opinion GDPR is overall a good step
> in
> >> protecting the rights of the individual.
> >>
> >> In fact, I noticed a large cut down in spam amount on my server at the
> time
> >> GDPR went into effect, especially for the most blatant random spams
> sent to
> >> lists of addresses obtained from nobody-knows-where.
> >>
> >> Maybe Americans have a different experience, as GDPR only imposes some
> >> obligations on them without returning any benefits (as US does not have
> a
> >> similar data protection law, as far as I know), but we Europeans view
> GDPR
> >> differently, as provides some *actual benefits* to us.
> >> --
> >> Regards,
> >>   Jaroslaw Rafa
> >>   r...@rafa.eu.org
> ___
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop
>
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Got any users in Texas? Better turn off your spam filters by Dec 2

[Michael Ströder via mailop]

On 9/24/21 13:36, Sidsel Jensen via mailop wrote:
> I think you misunderstood what Michael wrote. I think he was refering
> to the changes in WHOIS, which makes it harder to find correlating
> abusers, since the data is now hidden due to the implementation of
> GDPR. Privacy is sometimes a two-edged sword.
And gathered WHOIS data was also often used for spamming...

Ciao, Michael.

>> On 24 Sep 2021, at 11.40, Jaroslaw Rafa via mailop  wrote:
>>
>> Dnia 23.09.2021 o godz. 20:41:41 Michael Peddemors via mailop pisze:
>>> It's just really sad, that instead of going after malicious
>>> dangerous offenders we keep bringing on new laws to make it harder
>>> to do so. GDPR, anonymous domain registries etc..
>>
>> Why do you assume that GDPR is a law directed to facilitate spamming or
>> similar activities?
>>
>> GDPR basically says that nobody is allowed to use your personal data (which
>> includes your e-mail address) without clearly explaining who uses the data,
>> which data is used, for what purpose and on which legal basis. And in most
>> cases, the legal basis is the consent of the individual in question. So one
>> of the implications of GDPR is that nobody is allowed to spam you without
>> your consent.
>>
>> This *is* a law that "helps protect the innocent victims". Yes, it is
>> sometimes poorly (or intentionally wrongly) implemented, such an abusing the
>> "legitimate interest" concept included in the GDPR by many advertisers to
>> still flood you with advertising. It may also have unwanted consequences as
>> anonymizing the data of domain holders in registries, if these holders are
>> private persons. But in fact in my opinion GDPR is overall a good step in
>> protecting the rights of the individual.
>>
>> In fact, I noticed a large cut down in spam amount on my server at the time
>> GDPR went into effect, especially for the most blatant random spams sent to
>> lists of addresses obtained from nobody-knows-where.
>>
>> Maybe Americans have a different experience, as GDPR only imposes some
>> obligations on them without returning any benefits (as US does not have a
>> similar data protection law, as far as I know), but we Europeans view GDPR
>> differently, as provides some *actual benefits* to us.
>> --
>> Regards,
>>   Jaroslaw Rafa
>>   r...@rafa.eu.org
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Got any users in Texas? Better turn off your spam filters by Dec 2

[Jaroslaw Rafa via mailop]

Dnia 24.09.2021 o godz. 13:36:28 Sidsel Jensen via mailop pisze:
> 
> I think you misunderstood what Michael wrote. I think he was refering to
> the changes in WHOIS, which makes it harder to find correlating abusers,
> since the data is now hidden due to the implementation of GDPR.  Privacy
> is sometimes a two-edged sword.

Yes, I did mention that in my email. But despite this, I think overall GDPR
is a step in good direction.
-- 
Regards,
   Jaroslaw Rafa
   r...@rafa.eu.org
--
"In a million years, when kids go to school, they're gonna know: once there
was a Hushpuppy, and she lived with her daddy in the Bathtub."
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Got any users in Texas? Better turn off your spam filters by Dec 2

[Sidsel Jensen via mailop]

Hi Jaroslaw

I think you misunderstood what Michael wrote. I think he was refering to the 
changes in WHOIS, which makes it harder to find correlating abusers, since the 
data is now hidden due to the implementation of GDPR. Privacy is sometimes a 
two-edged sword.

/Sidsel

> On 24 Sep 2021, at 11.40, Jaroslaw Rafa via mailop  wrote:
> 
> Dnia 23.09.2021 o godz. 20:41:41 Michael Peddemors via mailop pisze:
>> It's just really sad, that instead of going after malicious
>> dangerous offenders we keep bringing on new laws to make it harder
>> to do so. GDPR, anonymous domain registries etc..
> 
> Why do you assume that GDPR is a law directed to facilitate spamming or
> similar activities?
> 
> GDPR basically says that nobody is allowed to use your personal data (which
> includes your e-mail address) without clearly explaining who uses the data,
> which data is used, for what purpose and on which legal basis. And in most
> cases, the legal basis is the consent of the individual in question. So one
> of the implications of GDPR is that nobody is allowed to spam you without
> your consent.
> 
> This *is* a law that "helps protect the innocent victims". Yes, it is
> sometimes poorly (or intentionally wrongly) implemented, such an abusing the
> "legitimate interest" concept included in the GDPR by many advertisers to
> still flood you with advertising. It may also have unwanted consequences as
> anonymizing the data of domain holders in registries, if these holders are
> private persons. But in fact in my opinion GDPR is overall a good step in
> protecting the rights of the individual.
> 
> In fact, I noticed a large cut down in spam amount on my server at the time
> GDPR went into effect, especially for the most blatant random spams sent to
> lists of addresses obtained from nobody-knows-where.
> 
> Maybe Americans have a different experience, as GDPR only imposes some
> obligations on them without returning any benefits (as US does not have a
> similar data protection law, as far as I know), but we Europeans view GDPR
> differently, as provides some *actual benefits* to us.
> --
> Regards,
>   Jaroslaw Rafa
>   r...@rafa.eu.org
> --
> "In a million years, when kids go to school, they're gonna know: once there
> was a Hushpuppy, and she lived with her daddy in the Bathtub."
> ___
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop



signature.asc
Description: Message signed with OpenPGP
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Got any users in Texas? Better turn off your spam filters by Dec 2

[Slavko via mailop]

Hi,

Dňa 24. 9. o 11:40 Jaroslaw Rafa via mailop napísal(a):
> This *is* a law that "helps protect the innocent victims". Yes, it is
> sometimes poorly (or intentionally wrongly) implemented, such an abusing the
> "legitimate interest" concept included in the GDPR by many advertisers to
> still flood you with advertising. It may also have unwanted consequences as
> anonymizing the data of domain holders in registries, if these holders are
> private persons. But in fact in my opinion GDPR is overall a good step in
> protecting the rights of the individual.

I absolutely agree, GDPR is intended to protect individual's privacy.
And most of caomplains come from these semi-spammers, who think, that
people have email addresses to get their advertisements.

> Maybe Americans have a different experience, as GDPR only imposes some
> obligations on them without returning any benefits (as US does not have a
> similar data protection law, as far as I know), but we Europeans view GDPR
> differently, as provides some *actual benefits* to us.

Sure, USA has different laws and different point of view on users
privacy, than here in EU.

regards
Slavko
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Got any users in Texas? Better turn off your spam filters by Dec 2

[Jaroslaw Rafa via mailop]

Dnia 23.09.2021 o godz. 20:41:41 Michael Peddemors via mailop pisze:
> It's just really sad, that instead of going after malicious
> dangerous offenders we keep bringing on new laws to make it harder
> to do so. GDPR, anonymous domain registries etc..

Why do you assume that GDPR is a law directed to facilitate spamming or
similar activities?

GDPR basically says that nobody is allowed to use your personal data (which
includes your e-mail address) without clearly explaining who uses the data,
which data is used, for what purpose and on which legal basis. And in most
cases, the legal basis is the consent of the individual in question. So one
of the implications of GDPR is that nobody is allowed to spam you without
your consent.

This *is* a law that "helps protect the innocent victims". Yes, it is
sometimes poorly (or intentionally wrongly) implemented, such an abusing the
"legitimate interest" concept included in the GDPR by many advertisers to
still flood you with advertising. It may also have unwanted consequences as
anonymizing the data of domain holders in registries, if these holders are
private persons. But in fact in my opinion GDPR is overall a good step in
protecting the rights of the individual.

In fact, I noticed a large cut down in spam amount on my server at the time
GDPR went into effect, especially for the most blatant random spams sent to
lists of addresses obtained from nobody-knows-where.

Maybe Americans have a different experience, as GDPR only imposes some
obligations on them without returning any benefits (as US does not have a
similar data protection law, as far as I know), but we Europeans view GDPR
differently, as provides some *actual benefits* to us.
-- 
Regards,
   Jaroslaw Rafa
   r...@rafa.eu.org
--
"In a million years, when kids go to school, they're gonna know: once there
was a Hushpuppy, and she lived with her daddy in the Bathtub."
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Got any users in Texas? Better turn off your spam filters by Dec 2

[Michael Peddemors via mailop]

On 2021-09-23 10:26 p.m., Jay Hennigan via mailop wrote:

On 9/23/21 19:45, John Levine via mailop wrote:
A bizarre new Texas law makes most spam filtering illegal, effective 
Dec 2:


  “An electronic mail service provider may not intentionally impede 
the transmission of another person’s electronic mail message based on 
the content of the message” unless:


[snip]

* “the provider has a good faith, reasonable belief that the message 
contains malicious computer code, obscene material, material depicting 
sexual conduct, or material that violates other law”


That's 321.054 here: 
https://statutes.capitol.texas.gov/Docs/BC/htm/BC.321.htm#321.054


Note the "material that violates other law".

Now scroll up in the same statute to 321.052. This is indeed an "other 
law" as described above.


*  A person may not intentionally take an action to transmit an 
unsolicited commercial electronic mail message unless:


*  (1)  "ADV:"  appears first in the subject line of the message or, if 
the message contains obscene material or material depicting sexual 
conduct, "ADV:  ADULT ADVERTISEMENT" appears first in the subject line; 
and



I've seen a lot of spam and it has been a very long time since I saw one 
with "ADV:" at the beginning of the subject line.


So it looks to me (not a lawyer and don't play one on TV) that according 
to a different subsection of the very same statute it's perfectly fine 
to block spam that doesn't begin with "ADV:", which is pretty much all 
spam.






Ah, just playing because I just got home, and have a nice refreshment in 
front of me.. Umm.. Isnt' blocking because it doesn't have ADV at the 
subject, a case of filtering by content?  Oh, I am so confused, my head 
hurts ;)


Nite Nite everyone..

Have to get up early and write up an advice letter to all our Texas 
ISP's in the morning.


-- Michael --


 Note the "material that violates other law".

Oh, was that US law or 'any law'.. wonder if there is a Taliban law 
that.. (oh, not even going to complete that thought)  Or is there an 
assumption in Texas that only means Texas law.. *cough* (Canadian)






--
"Catch the Magic of Linux..."

Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.

604-682-0300 Beautiful British Columbia, Canada

This email and any electronic data contained are confidential and intended
solely for the use of the individual or entity to which they are addressed.
Please note that any views or opinions presented in this email are solely
those of the author and are not intended to represent those of the company.
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Got any users in Texas? Better turn off your spam filters by Dec 2

[Jay Hennigan via mailop]

On 9/23/21 19:45, John Levine via mailop wrote:

A bizarre new Texas law makes most spam filtering illegal, effective Dec 2:

  “An electronic mail service provider may not intentionally impede the 
transmission of another person’s electronic mail message based on the content 
of the message” unless:


[snip]


* “the provider has a good faith, reasonable belief that the message contains 
malicious computer code, obscene material, material depicting sexual conduct, 
or material that violates other law”


That's 321.054 here: 
https://statutes.capitol.texas.gov/Docs/BC/htm/BC.321.htm#321.054


Note the "material that violates other law".

Now scroll up in the same statute to 321.052. This is indeed an "other 
law" as described above.


*  A person may not intentionally take an action to transmit an 
unsolicited commercial electronic mail message unless:


*  (1)  "ADV:"  appears first in the subject line of the message or, if 
the message contains obscene material or material depicting sexual 
conduct, "ADV:  ADULT ADVERTISEMENT" appears first in the subject line; 
and



I've seen a lot of spam and it has been a very long time since I saw one 
with "ADV:" at the beginning of the subject line.


So it looks to me (not a lawyer and don't play one on TV) that according 
to a different subsection of the very same statute it's perfectly fine 
to block spam that doesn't begin with "ADV:", which is pretty much all 
spam.



--
Jay Hennigan - j...@west.net
Network Engineering - CCIE #7880
503 897-8550 - WB6RDV
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Got any users in Texas? Better turn off your spam filters by Dec 2

[Michael Rathbun via mailop]

On Thu, 23 Sep 2021 20:41:41 -0700, Michael Peddemors via mailop
 wrote:

>Why is there no laws that help protect the innocent victims of all the 
>phishing attacks that go on unabated from some of the largest companies?

In the case of unsolicited broadcast email (UBE, spam) the laws tend to be
written by those who wish to send, and/or who receive financial support from
those who wish to send unsolicited broadcast email, also known as Forced
Pay-Per-View Advertising.  

Follow the money.

mdr
-- 
  Ad finem pugnabo.

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Got any users in Texas? Better turn off your spam filters by Dec 2

[Michael Rathbun via mailop]

On 23 Sep 2021 23:42:38 -0400, "John Levine"  wrote:

>Oh, you can't block them at all.  See sec 321.054.
>
>https://statutes.capitol.texas.gov/Docs/BC/htm/BC.321.htm#321.054

Which states, unless my monitor deceives me, that the denial must be "based on
the content of the message".  Since the total number of blocking decisions
based on content at this server is exactly equal to the cube root of zero, the
statute is not applicable.  However, I would welcome adversarial court actions
affirming that the statute should not be interpreted as written.

mdr
-- 
   "There will be more spam."
  -- Paul Vixie

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Got any users in Texas? Better turn off your spam filters by Dec 2

[John Levine via mailop]

It appears that Michael Rathbun via mailop  said:
>On 23 Sep 2021 22:45:48 -0400, John Levine via mailop 
>wrote:
>
>>* it “provides a process for the prompt, good faith resolution of a dispute 
>>related to the blocking with the sender of
>the commercial electronic mail message” or
>
>Fortunately, all of the senders that I publicly announce that I am blocking
>are political messages from Texas members of the Former Republican Party, who
>are not commercial senders, even when taking into account that all of the
>messages present monetary demands upon the (usually nonexisting) recipient.

Oh, you can't block them at all.  See sec 321.054.

https://statutes.capitol.texas.gov/Docs/BC/htm/BC.321.htm#321.054

R's,
John
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Got any users in Texas? Better turn off your spam filters by Dec 2

[Michael Peddemors via mailop]

This thread will probably be a rehash of the many conversations had on 
this topic, but the laws always protect the rights on who you open your 
door to, and who you decide to let cross the thresh hold...


It's just really sad, that instead of going after malicious dangerous 
offenders we keep bringing on new laws to make it harder to do so. 
GDPR, anonymous domain registries etc..


Where is the law that says if you provide the infrastructure for 
criminal activity (hosting companies) and do nothing when informed of 
it, that you should be considered an accessory?


Why is there no laws that help protect the innocent victims of all the 
phishing attacks that go on unabated from some of the largest companies?


Sorry, a bit of a rant..

But maybe Anne can weigh in here with some legal opinion.. What defense 
statement can an ISP in Texas make, when someone tries to take advantage 
of this law, eg nuisance lawsuits? Or just a simple statement to post on 
their web pages to mitigate this?


I am sure o365 and Gmail though will probably be able to address this 
with their legal teams long before the little guys have to worry..


I do hope this was something to tackle outbound opinion emails, rather 
than inbound.  Oh, does this mean Republican's can' block Democrats 
email any more? ;)


But I can see the suits and counter suits coming .. I think I will just 
go to sleep until this all blows over..


On 2021-09-23 7:45 p.m., John Levine via mailop wrote:

A bizarre new Texas law makes most spam filtering illegal, effective Dec 2:

  “An electronic mail service provider may not intentionally impede the 
transmission of another person’s electronic mail message based on the content 
of the message” unless:

* it “provides a process for the prompt, good faith resolution of a dispute 
related to the blocking with the sender of the commercial electronic mail 
message” or

* “the provider has a good faith, reasonable belief that the message contains 
malicious computer code, obscene material, material depicting sexual conduct, 
or material that violates other law”

Senders who are blocked can sue for $10/msg up to $25K/day.  If I had any users 
in Texas, I would turn off all the spam filtering.
Why take the risk?

If you think this is mind-bogglingly stupid and nobody in their right mind 
would pass such a law, you are correct, but, you know, Texas.

More info here:

https://blog.ericgoldman.org/archives/2021/09/texas-enacts-social-media-censorship-law-to-benefit-anti-vaxxers-spammers.htm

R's,
John
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop





--
"Catch the Magic of Linux..."

Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.

604-682-0300 Beautiful British Columbia, Canada

This email and any electronic data contained are confidential and intended
solely for the use of the individual or entity to which they are addressed.
Please note that any views or opinions presented in this email are solely
those of the author and are not intended to represent those of the company.
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Got any users in Texas? Better turn off your spam filters by Dec 2

[Michael Rathbun via mailop]

On 23 Sep 2021 23:26:12 -0400, John Levine via mailop 
wrote:

>Do you really want to negotiate with every spammer who complains
>you're blocking his stuff, as 321.114(a) requires? How much free time
>do you have?

Plenty.  I'm retired.

However, given that the quoted statute claims to govern "intentionally
imped[ing] the transmission of another person’s electronic mail message based
on the content of the message", there is nothing to discuss.  

The content was not taken into account in the blockage.  The fact that the
message constituted theft of service was taken into account:  the user did not
give actual or constructive consent to the sender to use their resources for
the sender's benefit.  In the case of many of the recipients, they failed to
give consent because they fail to exist.

Even former Republicans should have some idea of property rights.

mdr
-- 
 "There are no laws here, only agreements."  
-- Masahiko

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Got any users in Texas? Better turn off your spam filters by Dec 2

[Jarland Donnell via mailop]

Sure. If everyone operating out of or with customers in Texas disables 
their spam filters, I'm sure I'll have the time, money, and 
representation.


On 2021-09-23 22:26, John Levine wrote:

It appears that Jarland Donnell via mailop  said:

Also fun to totally read Sec. 321.114:
https://statutes.capitol.texas.gov/Docs/BC/htm/BC.321.htm#321.114

Looks to me like plenty of reasonable ground for operating as usual to
anyone who is operating in good faith to begin with.


Do you really want to negotiate with every spammer who complains
you're blocking his stuff, as 321.114(a) requires? How much free time
do you have?

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Got any users in Texas? Better turn off your spam filters by Dec 2

[John Levine via mailop]

It appears that Jarland Donnell via mailop  said:
>Also fun to totally read Sec. 321.114: 
>https://statutes.capitol.texas.gov/Docs/BC/htm/BC.321.htm#321.114
>
>Looks to me like plenty of reasonable ground for operating as usual to 
>anyone who is operating in good faith to begin with.

Do you really want to negotiate with every spammer who complains
you're blocking his stuff, as 321.114(a) requires? How much free time
do you have?

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Got any users in Texas? Better turn off your spam filters by Dec 2

[Michael Rathbun via mailop]

On 23 Sep 2021 22:45:48 -0400, John Levine via mailop 
wrote:

>* it “provides a process for the prompt, good faith resolution of a dispute 
>related to the blocking with the sender of the commercial electronic mail 
>message” or

Fortunately, all of the senders that I publicly announce that I am blocking
are political messages from Texas members of the Former Republican Party, who
are not commercial senders, even when taking into account that all of the
messages present monetary demands upon the (usually nonexisting) recipient.

mdr
-- 
   Those who can make you believe absurdities 
   can make you commit atrocities.
-- Voltaire

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Got any users in Texas? Better turn off your spam filters by Dec 2

[Jarland Donnell via mailop]

Also fun to totally read Sec. 321.114: 
https://statutes.capitol.texas.gov/Docs/BC/htm/BC.321.htm#321.114


Looks to me like plenty of reasonable ground for operating as usual to 
anyone who is operating in good faith to begin with.


On 2021-09-23 21:53, Jarland Donnell via mailop wrote:

* “the provider has a good faith, reasonable belief that the message
contains malicious computer code, obscene material, material depicting
sexual conduct, or material that violates other law”


And guess what I have on all of my spam filters? Good faith,
reasonable evidence and belief that it contains material which
violates the law: https://en.wikipedia.org/wiki/CAN-SPAM_Act_of_2003

On 2021-09-23 21:45, John Levine via mailop wrote:
A bizarre new Texas law makes most spam filtering illegal, effective 
Dec 2:


 “An electronic mail service provider may not intentionally impede the
transmission of another person’s electronic mail message based on the
content of the message” unless:

* it “provides a process for the prompt, good faith resolution of a
dispute related to the blocking with the sender of the commercial
electronic mail message” or

* “the provider has a good faith, reasonable belief that the message
contains malicious computer code, obscene material, material depicting
sexual conduct, or material that violates other law”

Senders who are blocked can sue for $10/msg up to $25K/day.  If I had
any users in Texas, I would turn off all the spam filtering.
Why take the risk?

If you think this is mind-bogglingly stupid and nobody in their right
mind would pass such a law, you are correct, but, you know, Texas.

More info here:

https://blog.ericgoldman.org/archives/2021/09/texas-enacts-social-media-censorship-law-to-benefit-anti-vaxxers-spammers.htm

R's,
John
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Got any users in Texas? Better turn off your spam filters by Dec 2

[John Levine via mailop]

It appears that Jarland Donnell via mailop  said:
>> * “the provider has a good faith, reasonable belief that the message
>> contains malicious computer code, obscene material, material depicting
>> sexual conduct, or material that violates other law”
>
>And guess what I have on all of my spam filters? Good faith, reasonable 
>evidence and belief that it contains material which violates the law: 
>https://en.wikipedia.org/wiki/CAN-SPAM_Act_of_2003

CAN SPAM *allows* you to filter but it does not *require* you to filter.  Under 
CAN SPAM,
unsolicited ads are entirely legal if they have an opt-out link and are not 
deceptive.

You sure all the stuff you're filtering is illegal?  I doubt it.

R's,
John

PS: yes, this is stupid.  But that's what the various laws say.
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Got any users in Texas? Better turn off your spam filters by Dec 2

[Jarland Donnell via mailop]

* “the provider has a good faith, reasonable belief that the message
contains malicious computer code, obscene material, material depicting
sexual conduct, or material that violates other law”


And guess what I have on all of my spam filters? Good faith, reasonable 
evidence and belief that it contains material which violates the law: 
https://en.wikipedia.org/wiki/CAN-SPAM_Act_of_2003


On 2021-09-23 21:45, John Levine via mailop wrote:
A bizarre new Texas law makes most spam filtering illegal, effective 
Dec 2:


 “An electronic mail service provider may not intentionally impede the
transmission of another person’s electronic mail message based on the
content of the message” unless:

* it “provides a process for the prompt, good faith resolution of a
dispute related to the blocking with the sender of the commercial
electronic mail message” or

* “the provider has a good faith, reasonable belief that the message
contains malicious computer code, obscene material, material depicting
sexual conduct, or material that violates other law”

Senders who are blocked can sue for $10/msg up to $25K/day.  If I had
any users in Texas, I would turn off all the spam filtering.
Why take the risk?

If you think this is mind-bogglingly stupid and nobody in their right
mind would pass such a law, you are correct, but, you know, Texas.

More info here:

https://blog.ericgoldman.org/archives/2021/09/texas-enacts-social-media-censorship-law-to-benefit-anti-vaxxers-spammers.htm

R's,
John
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

[mailop] Got any users in Texas? Better turn off your spam filters by Dec 2

[John Levine via mailop]

A bizarre new Texas law makes most spam filtering illegal, effective Dec 2:

 “An electronic mail service provider may not intentionally impede the 
transmission of another person’s electronic mail message based on the content 
of the message” unless:

* it “provides a process for the prompt, good faith resolution of a dispute 
related to the blocking with the sender of the commercial electronic mail 
message” or

* “the provider has a good faith, reasonable belief that the message contains 
malicious computer code, obscene material, material depicting sexual conduct, 
or material that violates other law”

Senders who are blocked can sue for $10/msg up to $25K/day.  If I had any users 
in Texas, I would turn off all the spam filtering.
Why take the risk?

If you think this is mind-bogglingly stupid and nobody in their right mind 
would pass such a law, you are correct, but, you know, Texas.

More info here:

https://blog.ericgoldman.org/archives/2021/09/texas-enacts-social-media-censorship-law-to-benefit-anti-vaxxers-spammers.htm

R's,
John
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop