Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 16.05.2005 14:30:20 von unknown

Post removed (X-No-Archive: yes)

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 22.05.2005 05:47:48 von unknown

Post removed (X-No-Archive: yes)

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 22.05.2005 05:48:52 von unknown

Post removed (X-No-Archive: yes)

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 22.05.2005 05:56:13 von Mark Ferguson

On Sun, 22 May 2005 03:47:48 GMT, "D. Stussy"
wrote:

>On Mon, 16 May 2005, Neil Woods wrote:
>> On Mon, May 16 2005, D. Stussy wrote:
>> > If [Kevin Mitnick] were such a good hacker, he never would have been
>> > caught in the first place. Being caught only proves that he's an
>> > idiot, and only the idiot we know as AC would worship another idiot.
>> >
>> > KM is the only person I am aware of that was expelled from a certain
>> > organization I belong to.
>>
>> The message you are responding to, although originally posted by Alan,
>> did not in this case originate directly from him, but is the result of a
>> flood to NANAE and comp.mail.misc obviously designed to disrupt these
>> newsgroups.
>>
>> Look at the X-Received-Date: and NNTP-Posting-Host: headers.
>>
>> I thought at first that the NNTP-Posting-Host (82.12.200.25) was the
>> address of an open proxy. On further investigation, it looks as though
>> the machine in question in infected with the subseven trojan.
>>
>> 82.12.200.25 resolves to cpc4-warw1-3-1-cust25.brhm.cable.ntl.com, part
>> of NTL here in the UK.
>
>You post this as if I care? Considering all the assholes, especially the
>mindless SPEWS supporters, that inhabit NANAE, they deserve the same harassment
>that any innocent person gets when they find that they've been blocked by some
>stupid SPEWS-using admin who thinks that everything listed in SPEWS' RBL is a
>spam source and doesn't truly know that SPEWS will list a netblock of many
>systems (e.g. 8192) just because there is ONE spammer source IP address in that
>block. The idiots and liars in NANAE deserve it.

I about pee'd my pants from laughing so hard when I read your post.
admins using SPEWS and not knowing about SPEWS, damn that's funny.

--
Mark

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 22.05.2005 07:41:39 von unknown

Post removed (X-No-Archive: yes)

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 22.05.2005 16:39:53 von Mark Ferguson

On Sun, 22 May 2005 05:41:39 GMT, "D. Stussy"
wrote:

>On Sat, 21 May 2005, Mark Ferguson wrote:
>> I about pee'd my pants from laughing so hard when I read your post.
>> admins using SPEWS and not knowing about SPEWS, damn that's funny.
>
>Your control problems are your personal business.

More from you :-) Let me see if is funny or not.

>There are some that think that SPEWS is MERELY "just another RBL listing
>spammers" and don't know that such is not what it actually lists.

Now that is funny. Good thing my morning coffee was not that hot or I
would have burned myself.

> [Ask
>yourself about how admins find out about RBLs. Unless they visit and
>understand the SPEWS FAQ (complete with its contradictions), they will never
>learn that it is different.]

Any admin that does not know what a BL list does knows not to use it.
If the admin uses a BL that he has not investigated he most likely
should not be an andmin.

> SPEWS is a knee-jerk reaction on steroids that
>intentionally lists non-spammers as if those customers of the ISPs that the
>spammers "inhabit" have any say in the matter (they don't).

More funnies. Damn good thing I set my coffee down. I have a lot to
say to my ISP and they either listen or I instigate an uprising and a
mass exodus.

Customer loyalty only goes as far as company loyalty. I like my
provider and they _are_ _very__very__very__very_ anti-spam. If the
were listed in SPEWS I would leave and find another provider.

For them to get listed in SPEWS they would have to have spam eminate
from or for their customers.

They would then have to ignore complaints.

The spam would have to continue.

The complaints would have to continue to be ignored.

Only after this would I be affected by a SPEWS listing and at that
point my provider would be supporting a spammer and not worth my
loyalty so I would pack it in and find a reputable provider.

>A good selection of about 6-8 RBLs, a bayesian filter backend,

It is called content filtering and is okay if you wish to top spam
from being delivered to your inbox.

>and an
>identification system to identify (and block email from) dynamic IP assignments
>works

This works to prevent spam from being delivered to your inbox based on
the originating IP address if it is being sent from a Dial Up Pool.

>BETTER than using SPEWS

SPEWS stops spammers from being able to send it by getting providers
to terminate them.

I like the idea of stopping spammers from sending spam better then I
like the idea of stopping spam from being delivered in my inbox.

It is logical to think that if the spam was stopped from being sent
then there would be no need to stop it from being delivered in to your
inbox.

> because the false-positive rate will [always] be
>lower, due to SPEWS flawed target philosophy of including the non-spamming IPs.

SPEWS has had a couple of false positives over the years [lisitng IP
blocks not belonging to who SPEWS thought they belonged to] but they
corrected the information as soon as it was brought to their
attention. Other then that SPEWS has had no false positives I am
aware of.

Oh, you are talking about the other IP addresses that are
rented/leased to the ISP that spam is not originating from. That
isn't a false positive because that is the target, the provider.

Because the customer of the target is affected means what? They are
false positives? This means you know the intentions of SPEWS but you
knowingly lie, cheat and deceive thinking you will impugn the
reputation of those you dislike.

This is a common tactic used by the weak minded that truly believe
they are smarter then those around them. In this fashion you weak
minded prey on the lesser mind to get the end result you desire
instead of forcing those responsible, the provider to actually stop
supporting spammers.

This is the typical tactic of losers that don't have the
where-with-all to actually pull themselves up and rise above the
bullshit around them and do something to stop the abuse of others.

You are just typical scum and are deserving of the treatment you get
because you refuse to accept you are wrong even though you know you
are.

You are a liar, cheat, deceiver and in general a scumbag.

Anything else I can help you to clarify?

--
Mark

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 22.05.2005 19:26:33 von Moris

"Mark Ferguson" wrote in message
news:bs4191t14q7jbfp8brjrg4pe0oi1r0gul9@4ax.com...

> Any admin that does not know what a BL list does knows not to use it.

Most server admins won't know the negative effects of spews on the Internet.

> If the admin uses a BL that he has not investigated he most likely
> should not be an andmin.

Most admins simply copy down names of BLs (blocklists) they have heard about
and start using them without giving further consideration.

> Customer loyalty only goes as far as company loyalty. I like my
> provider and they _are_ _very__very__very__very_ anti-spam.

So what? There are thousands of providers who are anti-spam and they don't
use spews, knowing its effect on innocent (read: non-spamming) email users.

> If they were listed in SPEWS I would leave and find another provider.

That's your own problem.

> For them to get listed in SPEWS they would have to have spam eminate
> from or for their customers.

Three-quarters of today's spam emanate from compromised machines. Spews has
no effect on those machines. Other BLs are.

[snipped: kook rants]

> SPEWS stops spammers from being able to send it by getting providers
> to terminate them.

BWAHAHAHAHAHAHAHAHAHAHAHAHAHAHA!

The best bullsh*it of the day... Spews stops nothing. It's soooo easy for a
spammer to find new channels.

You are really a thick-brain kiddo, Ferguson.

> I like the idea of stopping spammers from sending spam better then I
> like the idea of stopping spam from being delivered in my inbox.

Spews is ineffectual on both counts.

> SPEWS has had a couple of false positives over the years [lisitng IP
> blocks not belonging to who SPEWS thought they belonged to] but they
> corrected the information as soon as it was brought to their
> attention. Other then that SPEWS has had no false positives I am
> aware of.

That's a good one. Ferguson. Pity it's an old trick and you can't kid
anyone.

You are a conman because you should know that even the most reliable BLs can
produce false positives.

But your job as a brain-washed spews supporter is to bullsh*it and lie in
the hope that they may be swallowed by the uninitiated.

Those days are over.

> Oh, you are talking about the other IP addresses that are
> rented/leased to the ISP that spam is not originating from. That
> isn't a false positive because that is the target, the provider.

BWAHAHAHAHAHAHAHAHAHAHAHAHAHAHA!

You must have sworn to crack jokes today!

The target of spews is to blacklist and blackmail the innocent email users
and hosting providers.

> Because the customer of the target is affected means what? They are
> false positives?

Indeed, they are.

There are at least two victims in a false positive. One is the sender of the
non-spam email. The second, is the intended recipient of the non-spam email.

When someone sends a non-spam email and that email is blocked by a server
admin using the spews list, it is a false positive.

You should read up more about the Internet and the email system. You seem
pretty ignorant. Could it be that you are too stupid to grasp simple
concepts?

> This means you know the intentions of SPEWS

Which is to blacklist and blackmail the innocent email users and hosting
providers.

The crooks behind spews are abusers of the email system. That's why spews
must be scrutinized until its abuse stops.

You are just a typical spews scum because you refuse to accept you are wrong
even though you know you are.

You are a serial liar and a scumbag.

> Anything else I can help you to clarify?

People would prefer to consult a carpet worm than a dimwit.

FACT: Over 98% of IPs listed in spews are NON-SPAMMING.

THE ULTIMATE GOAL OF SPEWS IS TO BLACKLIST AND DEFAME LAWFUL (A.K.A.
NON-SPAMMING) EMAIL USERS AND SERVICE PROVIDERS.

Learn more about what spews actually is and does from these 37,000 Google
links:

http://www.google.com/search?num=100&hl=en&lr=lang_en&newwin dow=1&safe=off&c
2coff=1&q=spews+blocked

[ OR http://tinyurl.com/9ad8x ]

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 22.05.2005 20:11:38 von Mark Ferguson

On Sun, 22 May 2005 17:26:33 GMT, "Moris"
wrote:

>"Mark Ferguson" wrote in message
>news:bs4191t14q7jbfp8brjrg4pe0oi1r0gul9@4ax.com...
>
>> Any admin that does not know what a BL list does knows not to use it.
>
>Most server admins won't know the negative effects of spews on the Internet.
>
>> If the admin uses a BL that he has not investigated he most likely
>> should not be an andmin.
>
>Most admins simply copy down names of BLs (blocklists) they have heard about
>and start using them without giving further consideration.
>
>> Customer loyalty only goes as far as company loyalty. I like my
>> provider and they _are_ _very__very__very__very_ anti-spam.
>
>So what? There are thousands of providers who are anti-spam and they don't
>use spews, knowing its effect on innocent (read: non-spamming) email users.

Of course you have proof of this, oh what am I saying.... this is just
you pulling another moris :-)

>> If they were listed in SPEWS I would leave and find another provider.
>
>That's your own problem.

How is that a problem? Oops, I should know better then to put
anything in the form of a question for you.

>> For them to get listed in SPEWS they would have to have spam eminate
>> from or for their customers.
>
>Three-quarters of today's spam emanate from compromised machines. Spews has
>no effect on those machines. Other BLs are.

Of course your proof is nil while my proof is the entire news articles
about how SPEWS listed a major provider that actully is forcing them
to actually take action.

>[snipped: kook rants]

Relevent text magically reappears for Moris to answer or to snip again
when his mental abilities fail him again:

For them to get listed in SPEWS they would have to have spam eminate
from or for their customers.

They would then have to ignore complaints.

The spam would have to continue.

The complaints would have to continue to be ignored.

Only after this would I be affected by a SPEWS listing and at that
point my provider would be supporting a spammer and not worth my
loyalty so I would pack it in and find a reputable provider.

>> SPEWS stops spammers from being able to send it by getting providers
>> to terminate them.
>
>BWAHAHAHAHAHAHAHAHAHAHAHAHAHAHA!

And I too can say BWAHAHAHAHAHAHAHAHAHAHAHAHAHAHA!

>The best bullsh*it of the day... Spews stops nothing. It's soooo easy for a
>spammer to find new channels.

Then why do you worry if nobody is using SPEWS... never mind I forgot
you are just not smart enough to answer a question no matter how
simply it is.

>You are really a thick-brain kiddo, Ferguson.

Oh, I am just so angry at you :-) Drool becomes you Moris.

>> I like the idea of stopping spammers from sending spam better then I
>> like the idea of stopping spam from being delivered in my inbox.
>
>Spews is ineffectual on both counts.

You are of course correct sincce SPEWS does not block anything.

>> SPEWS has had a couple of false positives over the years [lisitng IP
>> blocks not belonging to who SPEWS thought they belonged to] but they
>> corrected the information as soon as it was brought to their
>> attention. Other then that SPEWS has had no false positives I am
>> aware of.
>
>That's a good one. Ferguson. Pity it's an old trick and you can't kid
>anyone.

Pity you are not able to post evidence of any of the claims you have
made.

>You are a conman because you should know that even the most reliable BLs can
>produce false positives.

I already stated SPEWS has had false positives. It is you that are
dishonest in your defining of what a false positive is.

>But your job as a brain-washed spews supporter is to bullsh*it and lie in
>the hope that they may be swallowed by the uninitiated.

My job, as others have claimed is not good enough is to deliver and
install appliances and furniture.

>Those days are over.

You do keep saying that and everybody keeps posting. How do you mean
those days are over? Am I going to win the lottery or in some other
way become independantly wealthy?

>> Oh, you are talking about the other IP addresses that are
>> rented/leased to the ISP that spam is not originating from. That
>> isn't a false positive because that is the target, the provider.
>
>BWAHAHAHAHAHAHAHAHAHAHAHAHAHAHA!

Again I can go BWAHAHAHAHAHAHAHAHAHAHAHAHAHAHA!

>You must have sworn to crack jokes today!

I haven't touched you Moris.

>The target of spews is to blacklist and blackmail the innocent email users
>and hosting providers.

You keep claiming this yet you have never posted proof. Is it your
intention to just continue to make false claims hoping somebody,
somewhere will believe you or are you going to actually post real
evidence? I know, a question that will go unanswered.

>> Because the customer of the target is affected means what? They are
>> false positives?
>
>Indeed, they are.

Nope. To define a false positive you must ask the lister. Since the
criterea is quie clear as to how an IP address gets listed and how and
why the list is expanded your claim does not hold water, e.g. an
upturned glass.

>There are at least two victims in a false positive. One is the sender of the
>non-spam email. The second, is the intended recipient of the non-spam email.

The IP addresses listed are rented/leased by the person listed so it
is not a false positive. If the IP addresses were leased/rented by
some other provider then it would be a false positive.

>When someone sends a non-spam email and that email is blocked by a server
>admin using the spews list, it is a false positive.

When the IP listed is not leased or rented by the intended listee it
is a false positive. Since the non-spam email is sent from an IP
leased or rented from the provider that was intended to be listed it
is not a false positive, but since you already know this and are so
dishonest that you cannot conceed this as fact you are simply a liar,
a cheat and a deciever.

>You should read up more about the Internet and the email system. You seem
>pretty ignorant. Could it be that you are too stupid to grasp simple
>concepts?

The email systems have nothing to do with the reasons SPEWS list IP
address. If the IP address is sending spam or hosting spammers the IP
addy is listed. If the problem persist then the list is expanded as
per SPEWS' FAQ.

This has nothing to do with email or anything except their rules for
an IP address being listed. You know this but are so dishonest you
need to lie, cheat and decieve.

>> This means you know the intentions of SPEWS
>
>Which is to blacklist and blackmail the innocent email users and hosting
>providers.

To stop spammers.

>The crooks behind spews are abusers of the email system. That's why spews
>must be scrutinized until its abuse stops.

Proof of course of this would be a good place to start but since I
know you to be a liar, a cheat and a deciever I know I will never see
it.

>You are just a typical spews scum because you refuse to accept you are wrong
>even though you know you are.

For me to accept I am wrong is simply a matter of you showing me I am
in error. You fail to answer questions, you lie, you cheat, you
intentionally decieve but you have never shown me were I was in error.

If you wish me to accept I am in error then show me where my error(s)
are.

>You are a serial liar and a scumbag.

Of course you can show me were I have lied.

>> Anything else I can help you to clarify?
>
>People would prefer to consult a carpet worm than a dimwit.

You speak for all I see :-)

>FACT: Over 98% of IPs listed in spews are NON-SPAMMING.

That are rented by or leased by the intended target of each and every
listing SPEWS makes.

>THE ULTIMATE GOAL OF SPEWS IS TO BLACKLIST AND DEFAME LAWFUL (A.K.A.
>NON-SPAMMING) EMAIL USERS AND SERVICE PROVIDERS.

Proof is just too much for anybody to ask.

>Learn more about what spews actually is and does from these 37,000 Google
>links:
>
>http://www.google.com/search?num=100&hl=en&lr=lang_en&newwi ndow=1&safe=off&c
>2coff=1&q=spews+blocked

This means others find SPEWS lists helpful and use them to protect
themselves... it is a good thing.

>[ OR http://tinyurl.com/9ad8x ]
>
>
--
Mark

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 23.05.2005 01:38:55 von Moris

"Mark Ferguson" wrote in message
news:k5h191h4dqfq54i5l2roegn9ne4c6bh823@4ax.com...

> > On Sun, 22 May 2005 17:26:33 GMT, "Moris"
> > wrote:
> >
> > There are thousands of providers who are anti-spam and they
> > don't use spews, knowing its effect on innocent (read:
> > non-spamming) email users.

> Of course you have proof of this, oh what am I saying.... this is
> just you pulling another moris :-)

Nice joke, but no jelly for you...

As a brain-washed spews fanatic your job is to defend the fugitive
fuc*khole behind spews. You are part of the fraud that is called
spews.

Server admins are well aware of spews and the dangers of using it.

Heck, even SpamAssassin has removed spews from its blocklist tests
after massive complaints from its users for generating huge amounts of
false positives.

See what the owner of another email blocklist has to say about spews:
"Prior to today, the spews database was included in the
t1.dnsbl.net.au aggregate zone. After suggestions from subscribers, I
have decided to only include 'safe' data in the t1 aggregate zone.
This means that the spews data, is no longer included in the t1
aggregate zone."

Another proof of spews being found unsafe for email spam filtering.

Look at all those tens of thousands of spews victims in the Google
links in my previous post.

And remember how Outblaze.com kicked spews out of its 30 million
mailboxes after it found that spews not only was ineffective in
reducing spam, but it was also causing legitimate emails to disappear.

The case against spews is all around you. You can easily see the
proof, unless you are a blind-folded spews fanatic, that is.

[snipped kook screech from a spews fanatic]

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 23.05.2005 03:40:50 von unknown

Post removed (X-No-Archive: yes)

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 23.05.2005 03:54:28 von unknown

Post removed (X-No-Archive: yes)

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 23.05.2005 04:21:12 von Mark Ferguson

On Mon, 23 May 2005 01:54:28 GMT, "D. Stussy"
wrote:

>On Sun, 22 May 2005, Mark Ferguson wrote:
>> On Sun, 22 May 2005 17:26:33 GMT, "Moris" wrote:
>> >...
>> >Spews is ineffectual on both counts.
>>
>> You are of course correct sincce SPEWS does not block anything.
>
>But use of SPEWS is to cause blocking.

A clear choice made by informed admins and _not_ the SPEWS admins.
You use circular logic in this.

> You know very well what he was saying,
>semantics aside.

The data you use is flawed, you know this and still you use it. Is
there any chance your conclusion does not share teh same flaws as your
data, only to a greater degree?

>> >You are a conman because you should know that even the most reliable BLs can
>> >produce false positives.
>>
>> I already stated SPEWS has had false positives. It is you that are
>> dishonest in your defining of what a false positive is.
>
>But you ignored the fact that while the use of other anti-spam systems
>maximize spam-identification while minimizing the impact on legitimate mail,
>SPEWS' design of what they list maximizes both spam source identification and
>its inteference with legitimate mail.

Other BL simply stop spam from reaching your inbox. SPEWS might be
looking at the bigger picture and so might the admins and companies
that use SPEWS. That bigger picture might be to stop spam from being
sent so their is no need for other BL.

>Whether an e-mail is spam or legitimate is determined solely by CONTENT,

The determining facture of spam in every difintion I have heard with
the exception of spammers and the DMA [the same mentality IMHO] begins
with the word "Unsolicited".

Now I am unsure how you stretched this to mean content instead of
consent is beyond my meager abilities to rationalize. Maybe it was
simple spelling error on your part or you could elaborate how you
confused the two words.

>not
>its source.

Every spam/ube/uce/etc... originates from a source IP address and
while the source IP is never the defining requisite for spam it is a
good place to block if you wish to prevent more of it.

> It may be that historically, most spam originates from the same
>source collection, but with the "popularity" of compromised machines, such will
>soon cease to be true.

Thankfully SPEWS listed enough of BLUEYONDER to get their attention
and the attention of the news media to get that mess cleaned up.

> It is only the SPEWS-user who wishes to define mail
>legitimacy in a way that differs from the usage of everyone else.

Well since it the SPEWS user that is the admin oe owner of the
machines being protected by SPEWS that only seems right and fair.

Thank you for making that clear.

>> >The target of spews is to blacklist and blackmail the innocent email users
>> >and hosting providers.
>>
>> You keep claiming this yet you have never posted proof. Is it your
>> intention to just continue to make false claims hoping somebody,
>> somewhere will believe you or are you going to actually post real
>> evidence? I know, a question that will go unanswered.
>
>SO, all those complaints to NANAE coming from non-spammers aren't proof?

You did say "innocent hosting providers" and "innocent email users".

The provider that allows spam from his network for money or because it
is to expensive to clean up the mess is not innocent.

The end user that knowingly supports spam supporting ISP's is not
innocent either.

You provide circular logic and nothing more.

SPEWS is blocking email when you know SPEWS blocks nothing.

Those admins that use SPEWS don't know what SPEWS is.

The ISP that has spammers and ignore complaints is innocent and not
responsable for their network being listed in blacklists.

Not of your points hold water and if they were an upturned glass.

--
Mark

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 23.05.2005 06:23:35 von unknown

Post removed (X-No-Archive: yes)

Re: Famous Hacker Uses Challenge-Responses

am 23.05.2005 06:47:40 von Alan Connor

On comp.mail.misc, in , "D. Stussy" wrote:

>>On comp.mail.misc, in
>> >>thlink.net>, "Alan Connor" wrote:
>>> http://spamarrest.com/pressoffice/news/index.jsp
>>>
>>>
>>>
>>> Famed hacker endorses Spam Arrest Toronto Star -
>>> August 4, 2003 So what does [Kevin] Mitnick, former
>>> hacker supremo, use to guard against spam? "I use
>>> Spam Arrest," he told The Guardian. "Any legitimate
>>> person who wants to send me a message has to jump
>>> through hoops before they can be added to my opt-in
>>> list." Read more...
>>>
>>
>>
>

>>The above fails to mention that Kevin Mitnick is one
>>of the world's leading computer security consultants
>>and that Spam Arrest is a Challenge-Response System.
>>
>>These have now been adopted by Earthlink and other
>>ISPs as one of their standard spamfighting tools
>>because spammers and trolls can't beat them and they
>>take almost no maintenance (that which is required is
>>very simple and takes a few minutes a week at most).
>>
>>
>

What you are seeing here is garbage posted by trolls
and spammers (their sockpuppets, because they are
petty criminals who can't use their real names or even
consistent aliases) who HATE Challenge-Response
Systems because they cannot beat them.

I use one, and all of the garbage they send to me
every day goes completely un-noticed by me unless
I have a reason to check my logs.

This bothers the poor cretins a great deal.

They are used to being able to flood the mailboxes
of anyone they choose with spam or abuse or worse.

Mail me:
alanconnor AT earthlink DOT net

But if you don't Use your real return address
I won't even know you even tried.

http://tinyurl.com/2t5kp

Go ahead and use a conventional spam filter. These
creeps are the world's foremost experts in their
use, which is why you get spam and lose mail that
you want to get.

AC

--
Please visit my home page:
http://angel.1jh.com./nanae/kooks/alanconnor.html

Re: Famous Hacker Uses Challenge-Responses

am 23.05.2005 12:16:50 von Tony Lawrence

Alan Connor wrote:

>
>
> What you are seeing here is garbage posted by trolls
> and spammers (their sockpuppets, because they are
> petty criminals who can't use their real names or even
> consistent aliases) who HATE Challenge-Response
> Systems because they cannot beat them.

I'm not a sockpuppet, my real name is at the bottom of these posts, and
so is my real website, which you can follow to obtain my real email
address if you need to reach me in that manner.

I don't like challenge response systems because I don't want to put
barriers in front of people who need to send me email. On a technical
level, it's a lousy answer to the spam problem, but that's a secondary
objection: primarily I don't like it because it hassles legitimate
inquiries from new customers and therefor is completely unsuitable for
business use.

As to HATE, well, I do have strong dislike for net-kooks like you who
think the world is against them because only you have the truth, the
way, and the answer to all questions. You need help with your paranoid
fantasies, but you'll probably never seek that.

--
Tony Lawrence
Unix/Linux/Mac OS X resources: http://aplawrence.com

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 23.05.2005 13:25:17 von Moris

"Mark Ferguson" wrote in message
news:rie291tu8kle419lba5coj7pcbjd2hcoul@4ax.com...

> Other BL simply stop spam from reaching your inbox. SPEWS might be
> looking at the bigger picture and so might the admins and companies
> that use SPEWS. That bigger picture might be to stop spam from
> being sent so their is no need for other BL.

Spews has done NOTHING to abate spam (not even 1 iota) in all 4 years
of its existence. And that's a fact.

If you have proof to the contrary, let us know!

> Well since it the SPEWS user that is the admin oe owner of the
> machines being protected by SPEWS that only seems right and fair.

That is a fallacy perpetuated by the criminal behind spews and its
disciples (like you). Spews does not protect a mail server! To the
contrary, it creates all sorts of problems because of its very high
propensity for false positives.

Let's remember that over 98% of IP addresses blacklisted by spews are
NON-SPAMMING.

And in fact, there isn't a single blocklist that can protect a mail
server 100%.

> You did say "innocent hosting providers" and "innocent email users".
>
> The provider that allows spam from his network for money or because
> it is to expensive to clean up the mess is not innocent.

That is another fallacy from spews... Hundreds of non-spamming HSPs
(hosting service providers) and ISPs are blacklisted in spews for no
reason. And you know it!

Not only that, some of the spews evidence files date back to 2002 and
have never been updated.

> The end user that knowingly supports spam supporting ISP's is not
> innocent either.

Yet another fallacy from a moronic spews fanatic... Do what D. Stussy
has suggested. Hold a survey amongst those innocents and find out how
wrong you are! But wait, you can't! You have those innocent email
users blocked... thanks to spews!

Let's face it, you are one of a few scums left in NANAE spewing bogus
spews propaganda. You have no chances of survival!

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 23.05.2005 14:13:15 von Alan Connor

On comp.mail.misc, in
, "Moris" wrote:

> "Mark Ferguson" wrote in message
> news:rie291tu8kle419lba5coj7pcbjd2hcoul@4ax.com...
>
>> Other BL simply stop spam from reaching your inbox. SPEWS
>> might be looking at the bigger picture and so might the admins
>> and companies that use SPEWS. That bigger picture might be to
>> stop spam from being sent so their is no need for other BL.
>
> Spews has done NOTHING to abate spam (not even 1 iota) in all 4
> years of its existence. And that's a fact.
>
> If you have proof to the contrary, let us know!
>
>> Well since it the SPEWS user that is the admin oe owner of the
>> machines being protected by SPEWS that only seems right and
>> fair.
>
> That is a fallacy perpetuated by the criminal behind spews
> and its disciples (like you). Spews does not protect a mail
> server! To the contrary, it creates all sorts of problems
> because of its very high propensity for false positives.
>
> Let's remember that over 98% of IP addresses blacklisted by
> spews are NON-SPAMMING.
>
> And in fact, there isn't a single blocklist that can protect a
> mail server 100%.
>
>> You did say "innocent hosting providers" and "innocent email
>> users".
>>
>> The provider that allows spam from his network for money
>> or because it is to expensive to clean up the mess is not
>> innocent.
>
> That is another fallacy from spews... Hundreds of non-spamming
> HSPs (hosting service providers) and ISPs are blacklisted in
> spews for no reason. And you know it!
>
> Not only that, some of the spews evidence files date back to
> 2002 and have never been updated.
>
>> The end user that knowingly supports spam supporting ISP's is
>> not innocent either.
>
> Yet another fallacy from a moronic spews fanatic... Do what
> D. Stussy has suggested. Hold a survey amongst those innocents
> and find out how wrong you are! But wait, you can't! You have
> those innocent email users blocked... thanks to spews!
>
> Let's face it, you are one of a few scums left in NANAE spewing
> bogus spews propaganda. You have no chances of survival!
>

They claim to want to end spam, but they do exactly what the
post office does with junk mail: They facilitate it.

They just aren't HONEST about it. Instead of promoting the
use of Challenge-Response Systems, which would truly end
email if only half the people used them (or less), they
promote the use of strategies and software that the spammers
can easily beat.

Another strategy that would be even better than
Challenge-Response Systems would be to re-write the SMTP
protocol, cutting out all the loop-holes that spammers use.

But until that is done, Challenge-Response Systems are
the only type of filters that really eliminate spam, because
they reject anonymous mail.

Which is what MTA's in the SMTP network should do....

That's why Earthlink and other ISPs are offering them
to their clients now, and why the famous hacker, Kevin
Mitnick (now one of the world's leading computer
security consultants) use them, and all sorts of
interesting software is being produced that utilizes
Challenge-Responses:

http://spamarrest.com/
www.deerfield.com/products/visnetic-mailserver/spam_preventi on/
www.tvtechnology.com/features/ Net-soup/f_fb_netsoup-01.07.04.shtml

And that's just for starters. There are a LOT more.

AC

--
Please visit my home page:
http://angel.1jh.com./nanae/kooks/alanconnor.html

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 23.05.2005 14:56:19 von Mark Ferguson

On Mon, 23 May 2005 04:23:35 GMT, "D. Stussy"
wrote:

>On Sun, 22 May 2005, Mark Ferguson wrote:
>> On Mon, 23 May 2005 01:54:28 GMT, "D. Stussy" wrote:
>> >On Sun, 22 May 2005, Mark Ferguson wrote:
>> >> On Sun, 22 May 2005 17:26:33 GMT, "Moris" wrote:
>> >> >...
>> >> >Spews is ineffectual on both counts.
>> >>
>> >> You are of course correct sincce SPEWS does not block anything.
>> >
>> >But use of SPEWS is to cause blocking.
>>
>> A clear choice made by informed admins and _not_ the SPEWS admins.
>> You use circular logic in this.
>
>No, I don't. SPEWS is a blocklist and you know it.

SPEWS is a list of IP address that meet a certain criterea. What
admins do with said list they themselves decide.

Some use the list to block email, some use the list to tag email and I
have even seen list use to block all packets.

Their choice how they use a list after all.

>> > You know very well what he was saying,
>> >semantics aside.
>>
>> The data you use is flawed, you know this and still you use it. Is
>> there any chance your conclusion does not share the same flaws as your
>> data, only to a greater degree?
>
>What data were that?

The list are specific in their use.
The admins are uninformed as to what is on the list.
Etc....

>> >> >You are a conman because you should know that even the most reliable BLs can
>> >> >produce false positives.
>> >>
>> >> I already stated SPEWS has had false positives. It is you that are
>> >> dishonest in your defining of what a false positive is.
>> >
>> >But you ignored the fact that while the use of other anti-spam systems
>> >maximize spam-identification while minimizing the impact on legitimate mail,
>> >SPEWS' design of what they list maximizes both spam source identification and
>> >its inteference with legitimate mail.
>>
>> Other BL simply stop spam from reaching your inbox. SPEWS might be
>> looking at the bigger picture and so might the admins and companies
>> that use SPEWS. That bigger picture might be to stop spam from being
>> sent so their is no need for other BL.

Hint: ^^^^^^^^^^^^^^^^^^^^^^^^^^

>So you wish. SPEWS does not list compromised machines that are on dynamic
>allocations - so it can't cause "no need for other BLs."

I guess you try and twist words like AC, Moris and others. Do I need
to repeat what I wrote or are you going to read what I wrote?

>> >Whether an e-mail is spam or legitimate is determined solely by CONTENT,
>>
>> The determining facture of spam in every difintion I have heard with
>> the exception of spammers and the DMA [the same mentality IMHO] begins
>> with the word "Unsolicited".
>
>There are many types of unsolicited mail.

And it is wrong.

> ANY mail that is not a reply to some
>other mail is unsolicited, even those to your friends (assume you have one) or
>relatives (assume they haven't disowned you), absent some other form of
>communication requesting it.

More flawed data leads to more flawed conclusions. Prior relationship
pretty much means the email are solicited or at least accepted.

> For it to be spam, it ALSO has to be advertising
>something (a web site, a product, etc.) or soliciting something (e.g.
>charitable giving, voting for a candidate, identity theft [Yes, I consider
>"phishing" a form of spam], etc.) - and that's determined by CONTENT.

Yet more false information. To be spam, as defined by a few here in a
narrow view it has to be sent in bulk and the content again is
irrelevent.

>Some people DO want to hear from the public at large, or from a distant
>relative they didn't know they had (or know the mailbox of), etc. Those are
>unsolicited yet acceptable - NOT ALL unsolicited mail is spam; there's more to
>it.

And content does not matter.

>> Now I am unsure how you stretched this to mean content instead of
>> consent is beyond my meager abilities to rationalize. Maybe it was
>> simple spelling error on your part or you could elaborate how you
>> confused the two words.
>
>No error here.

Just ignorance of facts.

>> >not
>> >its source.
>>
>> Every spam/ube/uce/etc... originates from a source IP address and
>> while the source IP is never the defining requisite for spam it is a
>> good place to block if you wish to prevent more of it.
>
>Until you find out that your Uncle Joe also uses that same source IP address....

That would be uncle Joe's problem and not mine. I could email him but
he would need to find another way to email me.

If you think I would make an exception for family you are sadly
mistaken. But it seems you are sadly mistaken about a reat amny
thing.

>> > It may be that historically, most spam originates from the same
>> >source collection, but with the "popularity" of compromised machines, such will
>> >soon cease to be true.
>>
>> Thankfully SPEWS listed enough of BLUEYONDER to get their attention
>> and the attention of the news media to get that mess cleaned up.
>
>So, if SPEWS were to list 0.0.0.0/0, then would that clear up the entire
>Internet overnight? :-)

And it you were to quit breathing through the straw you have stuck out
of your ass it would end things even more quickly for you. Say a
couple of minutes. You would either perish of suffication or finally
removed your head from your ass.

>> > It is only the SPEWS-user who wishes to define mail
>> >legitimacy in a way that differs from the usage of everyone else.
>>
>> Well since it the SPEWS user that is the admin oe owner of the
>> machines being protected by SPEWS that only seems right and fair.
>>
>> Thank you for making that clear.
>>
>> >> >The target of spews is to blacklist and blackmail the innocent email users
>> >> >and hosting providers.
>> >>
>> >> You keep claiming this yet you have never posted proof. Is it your
>> >> intention to just continue to make false claims hoping somebody,
>> >> somewhere will believe you or are you going to actually post real
>> >> evidence? I know, a question that will go unanswered.
>> >
>> >SO, all those complaints to NANAE coming from non-spammers aren't proof?
>>
>> You did say "innocent hosting providers" and "innocent email users".
>>
>> The provider that allows spam from his network for money or because it
>> is to expensive to clean up the mess is not innocent.
>>
>> The end user that knowingly supports spam supporting ISP's is not
>> innocent either.
>
>Prove that these other customers of a given ISP KNOW that their ISP is
>harboring a spammer.

All the people coming here complaining about SPEWS get a wake up call
explaining why their IP addresses are listed. All the individual that
check the reject email that provides a link to SPEWS and just about
every rejected email has a link to the BL and usually to the URL with
the pertinant information as to why their IP address is listed.

> Have you asked them? What did they say? [OH, little
>problem, SPEWS-droid: You can't get their replies because you blocked them.]
>So, where is your proof that they KNOWINGLY support a spam-supporting ISP?

Such anger. You might want to get that looked at.

>You assume that any and all non-spamming clients of a spam-supporting ISP know
>that their provider is a spam-supporter, and thus they are not innocent
>bystanders collaterally damaged by those who use SPEWS to block their
>legitimate mail. Your proof is? [Magic 8-balls don't count.]

I am just so happy you are psychic. Do you take it on the road and
make money from that talent? You should not let your talent go to
waste.

>> You provide circular logic and nothing more.
>> SPEWS is blocking email when you know SPEWS blocks nothing.
>
>I know that SPEWS (as with any DNSBL) is used to identify e-mail to be blocked.
>I never said that SPEWS itself performs the action.
>
>> Those admins that use SPEWS don't know what SPEWS is.
>
>You said it! That's the problem: If at least one admin who configures his
>system to use SPEWS doesn't know what SPEWS lists, that proves my original
>statement.

I left out my sarcasm tag. No you said admin(s), as in plural and a
single admin that uses something they have not investigated should not
be an admin.

>> The ISP that has spammers and ignore complaints is innocent and not
>> responsable for their network being listed in blacklists.
>
>I didn't say that the ISP itself was innocent. I stated that its non-spamming
>customers were, unless you can prove otherwise (which you can't as
>demonstrated above).

You said innocent hosting providers which is an ISP so you don't get
to back track unless you wish to retract that.

>> Not of your points hold water and if they were an upturned glass.
>
>And none of your points do.

A claim of fact does not make it so unless you of course provide
evidence to back it up. You have not done this so your claims do not
hold water.

--
Mark

Re: Famous Hacker Uses Challenge-Responses

am 23.05.2005 15:05:36 von Mark Ferguson

On Mon, 23 May 2005 04:47:40 GMT, Alan Connor wrote:

>On comp.mail.misc, in , "D. Stussy" wrote:
>
>
>
>>>On comp.mail.misc, in
>>> >>>thlink.net>, "Alan Connor" wrote:
>>>> http://spamarrest.com/pressoffice/news/index.jsp
>>>>
>>>>
>>>>
>>>> Famed hacker endorses Spam Arrest Toronto Star -
>>>> August 4, 2003 So what does [Kevin] Mitnick, former
>>>> hacker supremo, use to guard against spam? "I use
>>>> Spam Arrest," he told The Guardian. "Any legitimate
>>>> person who wants to send me a message has to jump
>>>> through hoops before they can be added to my opt-in
>>>> list." Read more...
>>>>
>>>
>>>
>>
>
>
>
>>>The above fails to mention that Kevin Mitnick is one
>>>of the world's leading computer security consultants
>>>and that Spam Arrest is a Challenge-Response System.
>>>
>>>These have now been adopted by Earthlink and other
>>>ISPs as one of their standard spamfighting tools
>>>because spammers and trolls can't beat them and they
>>>take almost no maintenance (that which is required is
>>>very simple and takes a few minutes a week at most).
>>>
>>>
>>
>
>
>
>What you are seeing here is garbage posted by trolls
>and spammers (their sockpuppets, because they are
>petty criminals who can't use their real names or even
>consistent aliases)

Really? I have been using this aliase for 42 years and everybody
knows me by it. Sure would be a shame to have to change it now
because you are so stupid as to claim I am some spammer.

Proof is a good thing dip shit.

> who HATE Challenge-Response
>Systems because they cannot beat them.

Because while they stop spam they create other issues that you are too
stupid to see. You are not ignorant Alan, you are passed that and
well into stupid. In fact you seem to be stuck there, on stupid that
is.

Why is it you refuse to see the problems challange and response
creates?

>I use one, and all of the garbage they send to me
>every day goes completely un-noticed by me unless
>I have a reason to check my logs.

Check your logs to see if I ever sent you any email and you will find
zero entires. You are not worth emailing. You are unable to grasp
the concept that you are wrong.

I would never use a challange and response system because I would
never respond to a challange from anybody even if I really wanted to
email them. With this in mind why would I expect anybody else to
respond to a challange from a system I was using?

Truth is I wouldn't and that means those folks would not be in contact
with me and the challange response system is just not worth the
headache to me.

Has nothing to do with the fact it can be used for abuse.

>This bothers the poor cretins a great deal.

Coming from you Alan I find that refreshing. The opinion of a
complete asshole and moron.

>They are used to being able to flood the mailboxes
>of anyone they choose with spam or abuse or worse.

If you had proof of course you would have posted it, but since you
have no proof of anything you claim you are pulling a moris.

>
>AC

--
Mark

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 23.05.2005 15:17:54 von Mark Ferguson

On Mon, 23 May 2005 12:13:15 GMT, Alan Connor wrote:

>That's why Earthlink and other ISPs are offering them
>to their clients now, and why the famous hacker, Kevin
>Mitnick (now one of the world's leading computer
>security consultants) use them

Always place your trust in a cracker.

hacker is a writer as in Journalist, code writer, etc....

cracker is an individual that cracks into safes, computer systems,
etc...

I realize you are not the smartest being on the planet but you use the
terms as if they are interchangeable as does the news media which
bastardized the terms in the first place. They did this out of
ignorance as they have done with so many words.

You are stupid Alan.

--
Mark

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 23.05.2005 15:37:39 von Sam

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 23.05.2005 16:03:34 von Mark Ferguson

On Mon, 23 May 2005 01:40:50 GMT, "D. Stussy"
wrote:

>On Sun, 22 May 2005, Mark Ferguson wrote:
>> On Sun, 22 May 2005 05:41:39 GMT, "D. Stussy" wrote:
>> >On Sat, 21 May 2005, Mark Ferguson wrote:
>> >> I about pee'd my pants from laughing so hard when I read your post.
>> >> admins using SPEWS and not knowing about SPEWS, damn that's funny.
>> >
>> >Your control problems are your personal business.
>>
>> More from you :-) Let me see if is funny or not.
>>
>> >There are some that think that SPEWS is MERELY "just another RBL listing
>> >spammers" and don't know that such is not what it actually lists.
>>
>> Now that is funny. Good thing my morning coffee was not that hot or I
>> would have burned myself.
>>
>> > [Ask
>> >yourself about how admins find out about RBLs. Unless they visit and
>> >understand the SPEWS FAQ (complete with its contradictions), they will never
>> >learn that it is different.]
>>
>> Any admin that does not know what a BL list does knows not to use it.
>> If the admin uses a BL that he has not investigated he most likely
>> should not be an andmin.
>
>I don't disagree with that.

Your disagreement does not change facts or reality. It simply means
you do not agree with it.

> However, I'm willing to bet that there are some
>"admins" (term used very loosely) that DO use certain RBLs (including DNSBLs)
>without knowing exactly what they list.

Then they most likely are incompitent and should not be admins as I
just stated.

> All I need is to find ONE such person
>to prove my case - while you have to show that no such person exists (or can
>exist).

I do not have to prove anything because I never made the claim. You
did.

>Although SPEWS' operators claim that they don't act on newsgroup posts (from
>the SPEWS' FAQ), others have claimed that they nevertheless do read NANAE.
>Therefore, I will assume that whoever operates SPEWS may read this.

Or may have killfiled you a very long time ago. What ego would lead
you to believe you have anything others would find either interesting
or important?

I figure I am in a few killfiles.

>Why not set up a survey of all SPEWS users? We can identify them from the IP
>addresses of their DNS servers when they query SPEWS.

Wouldn't you need access to the logs from SPEWS to do that? What
incentive would SPEWS for outing their confidential data? What of the
confidential data of the mirriors of SPEWS that are used?

The idea is stupid and unworkable not to mention outing the SPEWS
users is unethical.

> Therefore, it shouldn't
>be too hard to e-mail each-and-every one of them (using the postmaster mailbox
>of their domain) and ask them a set of survey questions.

Invade the privacy of the SPEWS users and then spam the SPEWS users.
Your idea just keeps getting better.

> Since they all use
>SPEWS, they "do business" with SPEWS so under most anti-spamming laws, the
>unsolicited contact would NOT be spam.

You just hate SPEWS so much that you disregard everything else. You
sound like Moris, Son SPot and a few others.

> Should any of them respond to the
>survey with an answer of "no" to the question of "Did you know that SPEWS may
>list non-spammers' IP addresses that share a provider with a listed spammer?",
>then my statement is precisely validated.

How about we do a survey of those that hate SPEWS. We can get their
email addresses from the posts in NANAE/S/BL/etc... and spam them with
this survey.

We can asked them questions like.

1. Is it SPEWS fault others agree with them?
2. What responsability do you attribute to spammers for BL?

Anybody wish to add the question for the survey we should spam the
SPEWS haters club?

>> > SPEWS is a knee-jerk reaction on steroids that
>> >intentionally lists non-spammers as if those customers of the ISPs that the
>> >spammers "inhabit" have any say in the matter (they don't).
>>
>> More funnies. Damn good thing I set my coffee down. I have a lot to
>> say to my ISP and they either listen or I instigate an uprising and a
>> mass exodus.
>
>A "mass exodus" also requires that these legitimate, non-spammer customers have
>another place to go.

There are always other places to go unless you live in a majorly
unihabited part of the world that has been left undeveloped, which
there are places that are like that.

Just not really here in the US.

> Perhaps you are unaware that in some regions, providers
>have insufficient supply for the demand of hosting and that there are waiting
>lists.

Hosting is an easy one. Hosting can be done anywhere and by anybody
you choose. It is the dialup account which usually controls the IP
address from where your email comes from that is the big issue.

You are attempting to obfuscate the issues or you just are ignorant.

> Such was the case 2 years ago when my friends and I had to find a new
>provider when our old one went bankrupt and out of business. We were lucky in
>that we were able to act quickly - but others we knew from that facility are
>still wait-listed.

And this means what exactly?

>> Customer loyalty only goes as far as company loyalty. I like my
>> provider and they _are_ _very__very__very__very_ anti-spam. If the
>> were listed in SPEWS I would leave and find another provider.
>
>And if there were no other provider in your area?

Then I guess you are screwed huh.

>> For them to get listed in SPEWS they would have to have spam eminate
>> from or for their customers.
>
>All it seems to take is exactly ONE spammer customer. That will never justify
>listing the entire netblock - with the other 4,000 non-spammers also being
>blocked as a result of using the list.

If they do not term the spammer yes. It is not the rest of the net's
responsability to accept spam from your provider just so you and 3999
other customers can send email unobstructed.

Use a free online email account to send and recieve email.
Complain to your provider hourly, daily....

The squeaky wheel gets the grease.

>> They would then have to ignore complaints.
>> The spam would have to continue.
>> The complaints would have to continue to be ignored.
>>
>> Only after this would I be affected by a SPEWS listing and at that
>> point my provider would be supporting a spammer and not worth my
>> loyalty so I would pack it in and find a reputable provider.
>
>Still, only takes one spammer - and causes collateral damage to 2^12
>non-spammers.

Your point is what exactly? It is not the rest of the webs fault my
provider cannot term a spammers. I will not make it the rest of the
web's responsability either.

If I had no alternative but to use a spam friendly company as a dial
up provider I would damn sure not use them for anything else and I
would be complaining daily to their support email address and
telephone number, I would be posting in their internal NG's bitching
about why they are so spam friendly and the damage it is causing me,
the extra money it is costing me.

Eventually somebody else would provide service in the area and I would
jump ship and take as many others with me as I could.

>> >A good selection of about 6-8 RBLs, a bayesian filter backend,
>>
>> It is called content filtering and is okay if you wish to top spam
>> from being delivered to your inbox.
>>
>> >and an
>> >identification system to identify (and block email from) dynamic IP assignments
>> >works
>>
>> This works to prevent spam from being delivered to your inbox based on
>> the originating IP address if it is being sent from a Dial Up Pool.
>>
>> >BETTER than using SPEWS
>>
>> SPEWS stops spammers from being able to send it by getting providers
>> to terminate them.
>
>Obviously, such is INEFFECTIVE. Otherwise, SPEWS would have existed for a
>short time, with all ISPs thereafter canning their spammers, then not need to
>exist any longer. The continued existence of SPEWS demonstrates its
>ineffectiveness.

So you say. My guess is more like spammers lie about who they are
[false names and other information] and what it is they do. then they
move in and then the new provider, unless they act on complaints gets
listed in SPEWS.

Takes time to list and unlist the entire net over and over again
because sales drones don't exercise due dilligence when checking new
large customers.

> As I have stated previously to NANAE and c.m.m, it is the
>flawed philosophy of SPEWS which is the defect.

Stating something and then proving it as fact are two diffent things.

>> I like the idea of stopping spammers from sending spam better then I
>> like the idea of stopping spam from being delivered in my inbox.
>
>Then write your government representative to make it illegal AND provide a
>source of funding for enforcement costs. Until it's internationally illegal,
>it will continue.

Why write when I have the telephone numbers of the state legislator
responsable for the anti-spam law that California wrote and passed?

The one that the DMA and Microsoft themselves tried so hard to squash.

>> It is logical to think that if the spam was stopped from being sent
>> then there would be no need to stop it from being delivered in to your
>> inbox.
>>
>> > because the false-positive rate will [always] be
>> >lower, due to SPEWS flawed target philosophy of including the non-spamming IPs.
>>
>> SPEWS has had a couple of false positives over the years [lisitng IP
>> blocks not belonging to who SPEWS thought they belonged to] but they
>> corrected the information as soon as it was brought to their
>> attention. Other then that SPEWS has had no false positives I am
>> aware of.
>
>Brought to SPEWS' attention HOW?

I think the SPEWS FAQ says something about posting here and in another
NG. Since I have never been listed in SPEWS I have never needed to
read the FAQ.

> Remember that they don't have inbound email
>service nor act on newsgroup posts.....

What does the FAQ say?

>> Oh, you are talking about the other IP addresses that are
>> rented/leased to the ISP that spam is not originating from. That
>> isn't a false positive because that is the target, the provider.
>
>Which is clearly different from what the other RBLs list....

Most BL target the IP address the spam originates from and not the
provider unless it is clear the provider is aiding the spammers with
musical IP's.

>> Because the customer of the target is affected means what? They are
>> false positives? This means you know the intentions of SPEWS but you
>> knowingly lie, cheat and deceive thinking you will impugn the
>> reputation of those you dislike.
>
>ANY denial of legitimate mail (i.e. not spam) is a false positive.

Not with SPEWS. Any email from an IP address that is not leased or
rented by the intended provider is a false positive with SPEWS.

>SPEWS itself knowingly lies, by self-contradiction, in their FAQ (as
>demonstrated before), just like spammers themselves do, so your point is?

So point out their lies.

>> This is a common tactic used by the weak minded that truly believe
>> they are smarter then those around them. In this fashion you weak
>> minded prey on the lesser mind to get the end result you desire
>> instead of forcing those responsible, the provider to actually stop
>> supporting spammers.
>
>The ASSumption that a provider's customers can influence that provider into
>terminating another customer (the spammer) is a SPEWS fantasy.

So you say. It seems blueyonder is taking steps finally to stop the
spew from those infected machines after how many months? It required
a listing of this size in SPEWS to get tehm to fix their problem.

>> This is the typical tactic of losers that don't have the
>> where-with-all to actually pull themselves up and rise above the
>> bullshit around them and do something to stop the abuse of others.
>
>No. Those people are the ones that employ challenge-response systems, by
>shifting their spam burden onto others.
>
>> You are just typical scum and are deserving of the treatment you get
>> because you refuse to accept you are wrong even though you know you
>> are.
>>
>> You are a liar, cheat, deceiver and in general a scumbag.
>> Anything else I can help you to clarify?
>
>No. It's pretty clear that you're in the collective of SPEWS-pond-scum.

Why? Because I see you lying to get your way? If you have more then
an opinion then post it.

SPEWS listed blueyonder who ignored complaints for months about their
problems [infected machines]. It was only after SPEWS listed them and
it was reported in the news media they did anything to stop the spam.

That is not an opinion. That is reality.

You offer, SPEWS sucks as reality instead of it being your opinion.
You are not being honest.

--
Mark

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 23.05.2005 16:17:06 von Moris

Bow-tied road cleaner "Sam" (The Small Dic*k) muttered:

> Beavis, meet Morris, the cat. Now, why don't you two get a
> hotel room and get it over with. You make a very lovely couple.

Can't do it without having you in the middle and thoroughly screwing
you upwards and backwards. Are you ready for that, sammo?

(NANAE just wouldn't be fun without imbeciles like sammo)

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 23.05.2005 20:48:51 von Robert Briggs

[Linux NG pruned]

Alan Connor wrote:

> They just aren't HONEST about it. Instead of promoting the
> use of Challenge-Response Systems, which would truly end
> email if only half the people used them (or less) ...

If you consider it desirable to "truly end email" then go ahead and take
a pair of side-cutters to your network cable: 'tis far preferable to
C/R.

Re: Famous Hacker Uses Challenge-Responses

am 23.05.2005 21:20:57 von Alan Connor

On comp.mail.misc, in
<2pk391t8is96ogbkttni8bpbf7dqmauhkn@4ax.com>, "Mark Ferguson"
wrote:

>
> Really? I have been using this aliase for 42 years and
> everybody knows me by it. Sure would be a shame to have to
> change it now because you are so stupid as to claim I am some
> spammer.
>

Only spammers and trolls and nutcases hate C-R Systems.

> Proof is a good thing dip shit.

You can't talk to me like that. Really. I have warned
you about your mouth in the past.

>
>> who HATE Challenge-Response Systems because they cannot beat
>>them.
>
> Because while they stop spam they create other issues that you
> are too stupid to see.

Wrong. If they did, then Earthlink and other ISPs
wouldn't have adopted them and there wouldn't be so many
C-R Systems being developed.

They dont' even infringe on a single RFC.
In fact, they are COVERED by one. I posted the
whole thing here earlier in the week.

And now I think you are a spammer again.

2+2=4.

There are thousands of spammers out there that honestly
don't believe that _their_ un-solicited bulk commercial
email is spam. Because they work for what they call
'legitimate businesses'.

As if having a business license automatically exempts
someone from morality.

Mark? No one talks to me the way you have in your post
here. I don't permit it. Just like I don't allow
spammers and trolls access to my mailboxes.

Get out of my life.

Done.

(You claim to be middle-aged, but act like a
snivelling teen-aged punk. There's my address
below. Mail me and we'll get together and I'll
give you the spanking your deserve.)

If you don't like C-R Systems, then that is just
too bad. No one needs your permission or approval
to use them or promote them or create them.

AC

--
alanconnor AT earthlink DOT net
Use your real return address or I'll never know you
even tried to mail me. http://tinyurl.com/2t5kp

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 23.05.2005 21:21:25 von Sam

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 23.05.2005 21:22:27 von Moris

"Mark Ferguson" wrote in message
news:him391hb0fkv9s6ah3jqiajq0iqp08o53l@4ax.com...

> [snipped garbage]

> Since I have never been listed in SPEWS I have never needed to
> read the FAQ.
>
> What does the FAQ say?

As a spews supporter you advise people to read the spews faq and
actually quote passages from that p.o.s. and then you come here
claiming that you have never read it?

Once again, you have just proved that you are a scumbag, Ferguson.

> Not with SPEWS. Any email from an IP address that is not leased or
> rented by the intended provider is a false positive with SPEWS.

That is a fallacy perpetuated by spews and its brain-washed disciples.
Ask any knowledgeable server admin what a false positive is and they
will give you the same reply: A false positive is *any* legitimate
email that has been marked as spam and so discarded.

> It seems blueyonder is taking steps finally to stop the spew from
> those infected machines after how many months?

Blueyonder has been taking steps to stop the spam emanating from its
compromised machines for a long time. It didn't need a reminder from
spews or anyone else for that matter.

> a listing of this size in SPEWS to get them to fix their problem.

Spews has never before blacklisted an ISP for zombied machines. It
recently changed its tune, realizing its futile tactics have had ZERO
effect on abating the flow of spam in all 4 years of its existence.

> SPEWS listed blueyonder who ignored complaints for months about
> their problems [infected machines].

Count 5 DSL or cable ISPs who haven't got compromised PC's on their
network. You won't find them.

You see, Ferguson, you are far removed from reality. And when you are
presented with clear reality, you deny it.

> it was reported in the news media

I reported the Blueyonder listing in n.a.n-a.e. days before the first
article appeared in mainstream media. Bondedsender.org then took the
news to the BBC. The negative PR against spews will have knocked off
another 2 digits from its user base. Mission accomplished!

Re: Famous Hacker Uses Challenge-Responses

am 23.05.2005 22:07:41 von Mark Ferguson

On Mon, 23 May 2005 19:20:57 GMT, Alan Connor wrote:

>On comp.mail.misc, in
><2pk391t8is96ogbkttni8bpbf7dqmauhkn@4ax.com>, "Mark Ferguson"
>wrote:
>
>>
>> Really? I have been using this aliase for 42 years and
>> everybody knows me by it. Sure would be a shame to have to
>> change it now because you are so stupid as to claim I am some
>> spammer.
>>
>
>Only spammers and trolls and nutcases hate C-R Systems.

Only morons hate those that don't like what they like.

>> Proof is a good thing dip shit.
>
>You can't talk to me like that. Really. I have warned
>you about your mouth in the past.

Really, are you pulling another moris?

>>> who HATE Challenge-Response Systems because they cannot beat
>>>them.
>>
>> Because while they stop spam they create other issues that you
>> are too stupid to see.
>
>Wrong. If they did, then Earthlink and other ISPs
>wouldn't have adopted them and there wouldn't be so many
>C-R Systems being developed.

Wrong. If CR worked everybody would have adopted it a very long time
ago.

>They dont' even infringe on a single RFC.
>In fact, they are COVERED by one. I posted the
>whole thing here earlier in the week.

And I should care????

>And now I think you are a spammer again.

Of course without actually backing it up you can claim anything. I
think you are stupid, but I actuall can post proof of simply by
quoting what you say.

>2+2=4.

so do 2x and 4y and 1/3z. You are still stupid.

>There are thousands of spammers out there that honestly
>don't believe that _their_ un-solicited bulk commercial
>email is spam.

And that means what to me exactly? It is only true to a point. If
you conceed that the vast majority of the net people are aware of spam
and do not send it except an extremely small number of idiots, that
think what they are sending is not spam because of the content then
you are correct.

If you claim those that send the vast majority of spam do not think
what they are sending is then you are quite mistaken.

>Because they work for what they call
>'legitimate businesses'.

Again I ask, this means what to me?

>As if having a business license automatically exempts
>someone from morality.
>
>Mark? No one talks to me the way you have in your post
>here. I don't permit it. Just like I don't allow
>spammers and trolls access to my mailboxes.

Oh, I am so.... ah no I am not. You are an idiot and you know it.

>Get out of my life.

You first :-)

>Done.
>
>(You claim to be middle-aged, but act like a
>snivelling teen-aged punk. There's my address
>below.

Meat space address dip shit, whois whew.com.

> Mail me and we'll get together and I'll
>give you the spanking your deserve.)

So I can jump through hoops :-) and then you can forge headers to
make it appear I am abusing you.

Piss off shit for brains. I have never sent you an email and will
never send you an email. You are to stupid.

>
>
>If you don't like C-R Systems, then that is just
>too bad. No one needs your permission or approval
>to use them or promote them or create them.

You can leave now, I am done with you.

>AC

--
Mark

Re: Famous Hacker Uses Challenge-Responses

am 23.05.2005 22:35:13 von NetworkElf

On Mon, 23 May 2005 19:20:57 GMT, Alan Connor wrote:
> On comp.mail.misc, in
><2pk391t8is96ogbkttni8bpbf7dqmauhkn@4ax.com>, "Mark Ferguson"
> wrote:
>
> Only spammers and trolls and nutcases hate C-R Systems.
>
>> Proof is a good thing dip shit.
>
> You can't talk to me like that. Really. I have warned
> you about your mouth in the past.

All evidence to the contrary. He seems to be able to talk to you JUST
like that.

--
_________________________________________
NetworkElf: Super Genius, Computer Guy, Harley Owner!
Blindly serving the covert purposes of the criminal-minded
maniac behind Spews since 2003. Certified since 2005.

Re: Famous Hacker Uses Challenge-Responses

am 23.05.2005 22:43:29 von Sam

Re: Famous Hacker Uses Challenge-Responses

am 24.05.2005 03:44:30 von Noah Roberts

Mark Ferguson wrote:

> Really? I have been using this aliase for 42 years

Hehehe...that is longer than some of us have been using our real name ;)
When you fart do the spiders flee?

Re: Famous Hacker Uses Challenge-Responses

am 24.05.2005 03:46:09 von Noah Roberts

Mark Ferguson wrote:

>>Only spammers and trolls and nutcases hate C-R Systems.
>
>
> Only morons hate those that don't like what they like.

Only morons hate those that don't like those that don't like what they
like. ;)

Re: Famous Hacker Uses Challenge-Responses

am 24.05.2005 05:51:29 von Mark Ferguson

On Mon, 23 May 2005 18:44:30 -0700, Noah Roberts
wrote:

>Mark Ferguson wrote:
>
>> Really? I have been using this alias for 42 years
>
>Hehehe...that is longer than some of us have been using our real name ;)
> When you fart do the spiders flee?

Every time and it is a site to behold :-)

--
Mark

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 24.05.2005 17:50:35 von Mark Ferguson

On Mon, 23 May 2005 12:13:15 GMT, Alan Connor wrote:

>
>They claim to want to end spam, but they do exactly what the
>post office does with junk mail: They facilitate it.

Right.... I was almost arrested twice because I refused to accept
delivery of junk mail and the local postmaster thought he was some
sort of diety.

The DMM D042 Subsection 1.2 and 1.3 deal with refusal of mail at and
after time of delivery. By forcing the mail to be carried in both
directions is the only way to stop junk mail.

It will then become to costly for the USPS and they will have to raise
the rates. Then less will use bulk mail so the USPS will again have
to raise the rates. This will continue until the use of junk mail
ceases if people would stop whining and start refusing delevery of the
garbage.

This is what I do to stop junk mail, what is it you do again? Oh yes,
tou wish to stop email as stated in your paragraph below. What you
propose will stop spam as it is sent currently. But it will not stop
spam in the future and restricts email use as does whitelisting when
it is used as a filter against spam.

In effect what you do is add an extra step in the sending and
recieving of email to the home user that is so large businesses cannot
get around it.

Say I wished to sign up for a newsletter so I subscribe. They send
out their signup confirmation, I send out a challange for them to
verify who they are mailing me. You get the picture, er, maybe you do
but I am just not sure. Apply this to business transactions.

Now I will not respond to a challange myself because I will not go
through the extra step to talk to somebody. I treat challanges as
spam as well if I did not sned the first email.

My reasoning for this is simple.

I do not believe it will be a constructive way to stop spam. It
hinders communication between two individuals and that is simply wrong
in my opinion. Now before you go and say I am pro-business the facts
are I think email should be used for exactly the purpose it was
purchased for.

My personal email address is for personal communication between me and
who I give it out to and nobody else. If I have one used for business
it is to be used for that purpose and a narrow vision of that as well.

IOW I am not pro-business and the other can even be said.

>They just aren't HONEST about it. Instead of promoting the
>use of Challenge-Response Systems, which would truly end
>email if only half the people used them (or less), they
>promote the use of strategies and software that the spammers
>can easily beat.

And you would profit from this and profit is your motivation, not
stopping spam or you would not be calling all that do not like the CR
spammers without any proof, evidence or anything at all, except your
dislike.

--
Mark

Re: Famous Hacker Uses Challenge-Responses

am 24.05.2005 19:29:53 von YouCanToo

Mark Ferguson wrote:
>>
>>>Really? I have been using this alias for 42 years
>>
>>Hehehe...that is longer than some of us have been using our real name ;)
>> When you fart do the spiders flee?
>
>
> Every time and it is a site to behold :-)
>

Oh yeah, thanks:) I am sure this is one thing I do not need to see!

Re: Famous Hacker Uses Challenge-Responses

am 25.05.2005 00:27:28 von unknown

Post removed (X-No-Archive: yes)

C/R vs SPEWS - was Re: Recent NANAE Flood (was Re: Famous HackerUses Challenge-Responses)

am 25.05.2005 00:43:18 von unknown

Post removed (X-No-Archive: yes)

Re: Famous Hacker Uses Challenge-Responses

am 25.05.2005 00:51:26 von stupidscript

Mr. Connor: If someone sent you a message From: alanconnor AT earthlink
DOT net , and To: alanconnor AT earthlink DOT net , how does your C-R
system hold up?

If you're using Earthlink's "Spam Blocker", then it's not much good, is
it? In fact, set to its highest level, any domain listed in your
address book will be allowed through ... even messages sent from
compromised systems that happen to send mail via one of the domains in
your address book by chance. Perhaps you don't allow addresses to
accumulate in your address book? Convenient. Now everyone needs to send
you two messages for one every time. That's a great solution! Double
the traffic for none of the benefit!

A better (and currently supported) technique to stop spam would be for
more servers to insist their users use a stronger AUTH method for
SENDING mail. Just as with the USPS, if it doesn't get into the system,
it can't be delivered.

The biggest issue here is education, and not setting some kind of
faulty trap on the receiving end. Besides, I've never had a ('Nix)
program so easy to crash as SpamAssassin. Just hit it with a few
hundred messages in a couple of seconds, and BAM ... no more mail until
it's restarted.

(You should be peppering your comments with "IMHO" or something equally
cute so we know when you're offering an opinion.) IMHO.

Re: Famous Hacker Uses Challenge-Responses

am 25.05.2005 00:54:20 von unknown

Post removed (X-No-Archive: yes)

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 25.05.2005 01:01:02 von unknown

Post removed (X-No-Archive: yes)

Re: Famous Hacker Uses Challenge-Responses

am 25.05.2005 01:04:35 von Sam

Re: Famous Hacker Uses Challenge-Responses

am 25.05.2005 01:44:12 von stupidscript

Russell ... where'd you find my message? What a wonderful newsgroup.

Um ... I'm not sure what I did, except install and start SpamAssassin.
It seemed to be working pretty well for a few months, then I started
getting logcheck entries indicating it had crashed and brought down
xinted with it.

I stopped using it, and now just deal with the 90 or so messages it
trapped along with the rest of the spam in my 3000+ message inbox, each
day.

I have enough trouble blacklisting attackers without needing to worry
about a few extra pieces of spam.

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 25.05.2005 01:51:39 von unknown

Post removed (X-No-Archive: yes)

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 25.05.2005 01:58:14 von Mark Ferguson

On Tue, 24 May 2005 23:01:02 GMT, "D. Stussy"
wrote:

>On Mon, 23 May 2005, Mark Ferguson wrote:
>> On Mon, 23 May 2005 04:23:35 GMT, "D. Stussy" wrote:
>> >On Sun, 22 May 2005, Mark Ferguson wrote:
>> >> On Mon, 23 May 2005 01:54:28 GMT, "D. Stussy" wrote:
>> >> >On Sun, 22 May 2005, Mark Ferguson wrote:
>> >> >> On Sun, 22 May 2005 17:26:33 GMT, "Moris" wrote:
>> >> >> >...
>> >> >> >Spews is ineffectual on both counts.
>> >> >>
>> >> >> You are of course correct sincce SPEWS does not block anything.
>> >> >
>> >> >But use of SPEWS is to cause blocking.
>> >>
>> >> A clear choice made by informed admins and _not_ the SPEWS admins.
>> >> You use circular logic in this.
>> >
>> >No, I don't. SPEWS is a blocklist and you know it.
>>
>> SPEWS is a list of IP address that meet a certain criterea. What
>> admins do with said list they themselves decide.
>>
>> Some use the list to block email, some use the list to tag email and I
>> have even seen list use to block all packets.
>>
>> Their choice how they use a list after all.
>>
>> >> > You know very well what he was saying,
>> >> >semantics aside.
>> >>
>> >> The data you use is flawed, you know this and still you use it. Is
>> >> there any chance your conclusion does not share the same flaws as your
>> >> data, only to a greater degree?
>> >
>> >What data were that?
>>
>> The list are specific in their use.
>> The admins are uninformed as to what is on the list.
> ^^^^^^^^^^^^^^^^^^^^^^^^^
>...And you claimed that EVERYONE who uses SPEWS knows what it is. You can't
>even get your own position straight.... Thank you for proving my case.

You might wish to reread that little bit.

>> Etc....
>>
>> >> >> >You are a conman because you should know that even the most reliable BLs can
>> >> >> >produce false positives.
>> >> >>
>> >> >> I already stated SPEWS has had false positives. It is you that are
>> >> >> dishonest in your defining of what a false positive is.
>> >> >
>> >> >But you ignored the fact that while the use of other anti-spam systems
>> >> >maximize spam-identification while minimizing the impact on legitimate mail,
>> >> >SPEWS' design of what they list maximizes both spam source identification and
>> >> >its inteference with legitimate mail.
>> >>
>> >> Other BL simply stop spam from reaching your inbox. SPEWS might be
>> >> looking at the bigger picture and so might the admins and companies
>> >> that use SPEWS. That bigger picture might be to stop spam from being
>> >> sent so their is no need for other BL.
>>
>> Hint: ^^^^^^^^^^^^^^^^^^^^^^^^^^
>
>Hint noted, but as you are the typical SPEWS-droid,

So, what is a typical SPEWS droid? Can it be anybody that disagrees
with your point of view? Seems that way from here.

> you will never realize that
>such is not the case. Much spam now comes via compromised machines - and SPEWS
>has no mechanism for listing those (especially the dynamic assignments).

Really.... Adding their IP addresses seems to work fine. So do you
think the SPEWS admins use VI or some other text editor to add the IP
address for compramised machines?

>> >So you wish. SPEWS does not list compromised machines that are on dynamic
>> >allocations - so it can't cause "no need for other BLs."
>>
>> I guess you try and twist words like AC, Moris and others. Do I need
>> to repeat what I wrote or are you going to read what I wrote?
>
>What you wrote is flawed. Are you going to understand that it is?

So other BL don't stop spam from reaching your machines.

>> >> >Whether an e-mail is spam or legitimate is determined solely by CONTENT,
>> >>
>> >> The determining facture of spam in every difintion I have heard with
>> >> the exception of spammers and the DMA [the same mentality IMHO] begins
>> >> with the word "Unsolicited".
>> >
>> >There are many types of unsolicited mail.
>>
>> And it is wrong.
>
>What's "it?"

Unsolicited emails without some sort of prior relationships or a good
reason to contact you which does not include to sell something to you.

>> > ANY mail that is not a reply to some
>> >other mail is unsolicited, even those to your friends (assume you have one) or
>> >relatives (assume they haven't disowned you), absent some other form of
>> >communication requesting it.
>>
>> More flawed data leads to more flawed conclusions. Prior relationship
>> pretty much means the email are solicited or at least accepted.
>
>Obviously, a SPEWS-droid that doesn't understand the word "solicitation." It
>means you ASKED for it.

There are other reasons for soemthing not to be unsolicited.

> Any new communication started by another is
>unsolicited, by definition. [It may be with consent, but is still
>unsolicited.]

Actually not, but you already knew this.

>> > For it to be spam, it ALSO has to be advertising
>> >something (a web site, a product, etc.) or soliciting something (e.g.
>> >charitable giving, voting for a candidate, identity theft [Yes, I consider
>> >"phishing" a form of spam], etc.) - and that's determined by CONTENT.
>>
>> Yet more false information. To be spam, as defined by a few here in a
>> narrow view it has to be sent in bulk and the content again is
>> irrelevent.
>
>Considering that most spam is now sent using (abusing) the "Bcc:" feature of
>SMTP, how are you going to prove that any particular piece of mail is spam if
>you can't determine how many other people received it for it to be
>determined as bulk? As an individual recipient, you can't. Your definition
>fails.

You ar ethe one arguing spam. I am saying Unsolicited Solicitations
by Electronic Mail [USEM] is wrong. You try and prove something is
bulk while I will complain about all the USEM I get :-)

>> >Some people DO want to hear from the public at large, or from a distant
>> >relative they didn't know they had (or know the mailbox of), etc. Those are
>> >unsolicited yet acceptable - NOT ALL unsolicited mail is spam; there's more to
>> >it.
>>
>> And content does not matter.
>
>SPEWS-droid BS.

The issue is and has always been an issue of consent. It is the
pro-spam droids like you that try and make it about content.

Sad little man.

>> >> Now I am unsure how you stretched this to mean content instead of
>> >> consent is beyond my meager abilities to rationalize. Maybe it was
>> >> simple spelling error on your part or you could elaborate how you
>> >> confused the two words.
>> >
>> >No error here.
>>
>> Just ignorance of facts.
>>
>> >> >not
>> >> >its source.
>> >>
>> >> Every spam/ube/uce/etc... originates from a source IP address and
>> >> while the source IP is never the defining requisite for spam it is a
>> >> good place to block if you wish to prevent more of it.
>> >
>> >Until you find out that your Uncle Joe also uses that same source IP address....
>>
>> That would be uncle Joe's problem and not mine. I could email him but
>> he would need to find another way to email me.
>>
>> If you think I would make an exception for family you are sadly
>> mistaken. But it seems you are sadly mistaken about a reat amny
>> thing.
>>
>> >> > It may be that historically, most spam originates from the same
>> >> >source collection, but with the "popularity" of compromised machines, such will
>> >> >soon cease to be true.
>> >>
>> >> Thankfully SPEWS listed enough of BLUEYONDER to get their attention
>> >> and the attention of the news media to get that mess cleaned up.
>> >
>> >So, if SPEWS were to list 0.0.0.0/0, then would that clear up the entire
>> >Internet overnight? :-)
>>
>> And it you were to quit breathing through the straw you have stuck out
>> of your ass it would end things even more quickly for you. Say a
>> couple of minutes. You would either perish of suffication or finally
>> removed your head from your ass.
>>
>> >> > It is only the SPEWS-user who wishes to define mail
>> >> >legitimacy in a way that differs from the usage of everyone else.
>> >>
>> >> Well since it the SPEWS user that is the admin oe owner of the
>> >> machines being protected by SPEWS that only seems right and fair.
>> >>
>> >> Thank you for making that clear.
>> >>
>> >> >> >The target of spews is to blacklist and blackmail the innocent email users
>> >> >> >and hosting providers.
>> >> >>
>> >> >> You keep claiming this yet you have never posted proof. Is it your
>> >> >> intention to just continue to make false claims hoping somebody,
>> >> >> somewhere will believe you or are you going to actually post real
>> >> >> evidence? I know, a question that will go unanswered.
>> >> >
>> >> >SO, all those complaints to NANAE coming from non-spammers aren't proof?
>> >>
>> >> You did say "innocent hosting providers" and "innocent email users".
>> >>
>> >> The provider that allows spam from his network for money or because it
>> >> is to expensive to clean up the mess is not innocent.
>> >>
>> >> The end user that knowingly supports spam supporting ISP's is not
>> >> innocent either.
>> >
>> >Prove that these other customers of a given ISP KNOW that their ISP is
>> >harboring a spammer.
>>
>> All the people coming here complaining about SPEWS get a wake up call
>> explaining why their IP addresses are listed. All the individual that
>> check the reject email that provides a link to SPEWS and just about
>> every rejected email has a link to the BL and usually to the URL with
>> the pertinant information as to why their IP address is listed.
>
>That assumes that the SPEWS information can be trusted. We already know that
>it cannot be. SPEWS lies (previously proven). SPEWS-droids lie.

Post where SPEWS lied. Are you, the pro-spam droid, just making
things up as you go.

>> > Have you asked them? What did they say? [OH, little
>> >problem, SPEWS-droid: You can't get their replies because you blocked them.]
>> >So, where is your proof that they KNOWINGLY support a spam-supporting ISP?
>>
>> Such anger. You might want to get that looked at.
>
>Answer the question, SPEWS-droid.

Ask a question first or act like Moris.

>> >You assume that any and all non-spamming clients of a spam-supporting ISP know
>> >that their provider is a spam-supporter, and thus they are not innocent
>> >bystanders collaterally damaged by those who use SPEWS to block their
>> >legitimate mail. Your proof is? [Magic 8-balls don't count.]
>>
>> I am just so happy you are psychic. Do you take it on the road and
>> make money from that talent? You should not let your talent go to
>> waste.
>
>Answer the question, SPEWS-droid: Where's your proof?

Question first before I can answer it pro-spam droid.

>> >> You provide circular logic and nothing more.
>> >> SPEWS is blocking email when you know SPEWS blocks nothing.
>> >
>> >I know that SPEWS (as with any DNSBL) is used to identify e-mail to be blocked.
>> >I never said that SPEWS itself performs the action.
>> >
>> >> Those admins that use SPEWS don't know what SPEWS is.
>> >
>> >You said it! That's the problem: If at least one admin who configures his
>> >system to use SPEWS doesn't know what SPEWS lists, that proves my original
>> >statement.
>>
>> I left out my sarcasm tag. No you said admin(s), as in plural and a
>> single admin that uses something they have not investigated should not
>> be an admin.
>
>OK, so I have to prove TWO, not just one. You still have to prove ALL.

I have to prove nothing. You are questioning facts that have already
been accepted. It is up to you to refute the facts not me to prove
them again.

>> >> The ISP that has spammers and ignore complaints is innocent and not
>> >> responsable for their network being listed in blacklists.
>> >
>> >I didn't say that the ISP itself was innocent. I stated that its non-spamming
>> >customers were, unless you can prove otherwise (which you can't as
>> >demonstrated above).
>>
>> You said innocent hosting providers which is an ISP so you don't get
>> to back track unless you wish to retract that.
>
>I never said "providers." I did say [non-spamming] CUSTOMERS. There's a
>difference - a difference that a SPEWS-droid is incapable of understanding.

No, you say innocent hosting provders. Need I post the message ID?

>> >> Not of your points hold water and if they were an upturned glass.
>> >
>> >And none of your points do.
>>
>> A claim of fact does not make it so unless you of course provide
>> evidence to back it up. You have not done this so your claims do not
>> hold water.
>
>Nor have you. Only a SPEWS-droid would automatically place the burden of proof
>on the other party and never even think of attempting to prove his own case -
>for he knows he cannot.

You have made an error.

Since I stand on the ground that has already been proven by countless
others and you are questions the basis of this proof, it is incumbant
upon you to disprove the facts that have been proven.

--
Mark

Re: C/R vs SPEWS - was Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 25.05.2005 04:15:20 von Norman Miller

On Tue, 24 May 2005 22:43:18 GMT, D. Stussy wrote:

> Both C/R and SPEWS have a similar side-effect: They place the "spam burden" on
> third-parties, not the recipient nor the spammer. No matter whatever merits
> (if any) that either of these alleged "solutions" have, burdening a third party
> with a spam problem other than their own (either by increase spam or improper
> blocking of their own legitimate mail by misclassifying it as spam) is morally
> wrong.

Is that how blocking works? Identifying email from a blocked source as spam
and deleting it? Or whatever it is that the blocking accomplishes? What am
I missing? Because there is something not quite right about that
description of blocking.

--
Norman
~Win dain a lotica, En vai tu ri, Si lo ta
~Fin dein a loluca, En dragu a sei lain
~Vi fa-ru les shutai am, En riga-lint

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 25.05.2005 05:56:27 von Mark Ferguson

On Tue, 24 May 2005 23:51:39 GMT, "D. Stussy"
wrote:

>On Mon, 23 May 2005, Mark Ferguson wrote:
>> On Mon, 23 May 2005 01:40:50 GMT, "D. Stussy" wrote:
>> >On Sun, 22 May 2005, Mark Ferguson wrote:
>> >> On Sun, 22 May 2005 05:41:39 GMT, "D. Stussy" wrote:
>> >> >On Sat, 21 May 2005, Mark Ferguson wrote:
>> >> >> I about pee'd my pants from laughing so hard when I read your post.
>> >> >> admins using SPEWS and not knowing about SPEWS, damn that's funny.
>> >> >
>> >> >Your control problems are your personal business.
>> >>
>> >> More from you :-) Let me see if is funny or not.
>> >>
>> >> >There are some that think that SPEWS is MERELY "just another RBL listing
>> >> >spammers" and don't know that such is not what it actually lists.
>> >>
>> >> Now that is funny. Good thing my morning coffee was not that hot or I
>> >> would have burned myself.
>> >>
>> >> > [Ask
>> >> >yourself about how admins find out about RBLs. Unless they visit and
>> >> >understand the SPEWS FAQ (complete with its contradictions), they will never
>> >> >learn that it is different.]
>> >>
>> >> Any admin that does not know what a BL list does knows not to use it.
>> >> If the admin uses a BL that he has not investigated he most likely
>> >> should not be an andmin.
>> >
>> >I don't disagree with that.
>>
>> Your disagreement does not change facts or reality. It simply means
>> you do not agree with it.
>>
>> > However, I'm willing to bet that there are some
>> >"admins" (term used very loosely) that DO use certain RBLs (including DNSBLs)
>> >without knowing exactly what they list.
>>
>> Then they most likely are incompitent and should not be admins as I
>> just stated.
>
>That may be true, but for your statement to be true, such an incompetent admin
>cannot exist. They do, and therefore, you are wrong.

My point of course being that incompitent admins make uninformed
decisions. Since stupid, ignorant and uninformed individual are a
part of everyday life you failed to make a point as to how it is
SPEWS' fault those folks are put in charge of other people's email.

>Legitimate users: 1
>SPEWS-Droids: 0

Pro-spam droid -1
Me 1

>> > All I need is to find ONE such person
>> >to prove my case - while you have to show that no such person exists (or can
>> >exist).
>>
>> I do not have to prove anything because I never made the claim. You
>> did.
>
>Wrong. Your claim was first: That everyone who uses SPEWS knows exactly what
>it lists. I have stated that you are wrong, but I wasn't first. You have the
>burden of proof, my SPEWS-droid.

Lose another point for a false statement.

Pro-spam droid -2
Me 2
>> >Although SPEWS' operators claim that they don't act on newsgroup posts (from
>> >the SPEWS' FAQ), others have claimed that they nevertheless do read NANAE.
>> >Therefore, I will assume that whoever operates SPEWS may read this.
>>
>> Or may have killfiled you a very long time ago. What ego would lead
>> you to believe you have anything others would find either interesting
>> or important?
>
>If so, they will find the references in reply and still may go back and read
>my original post. Either way, should they read it, we know that they are liars
>- for it would mean that there IS a way to communicate with them (albeit with
>the SPEWS operator[s] as [an] anonymous recipient[s]) - a direct contradiction
>of the SPEWS' FAQ (as previously demonstrated).

Indirect contact is not direct contact. Deduct yet another point.

http://www.spews.org/faq.html

Q41: How does one contact SPEWS?

A41: One does not. SPEWS does not receive email - it's just an
automated system and website, general blocklist related issues can be
discussed in the public forums mentioned above. The newsgroups
news.admin.net-abuse.blocklisting (NANABL) and
news.admin.net-abuse.email (NANAE) are good choices. Google makes it
quite easy to post messages via the Web in the unmoderated NANAE
group. Newsreader software should be used to post to the prefered
moderated NANABL group. First time newsgroup posters should read the
NANAE FAQ. Note that posting messages in these newsgroups & lists will
not have any effect on SPEWS listings, only the discontinuation of
spam and/or spam support will. Be aware that posting ones email
address to any publicly viewable forum or website makes it instantly
available to spammers. If you're concerned about getting spammed,
change or "mung" the email address you use to post with.

Can you find the lie in here?

Pro-spam droid -3
Me 3

>> I figure I am in a few killfiles.
>
>You should be in everyone's.

Oh, I am so hurt.

>> >Why not set up a survey of all SPEWS users? We can identify them from the IP
>> >addresses of their DNS servers when they query SPEWS.
>>
>> Wouldn't you need access to the logs from SPEWS to do that? What
>> incentive would SPEWS for outing their confidential data? What of the
>> confidential data of the mirriors of SPEWS that are used?
>
>SPEWS could still do it anonymously through their web site, mindless
>SPEWS-droid. I see nothing in the proposal that breaks any confidentially.

Wishes SPEWS tospam their users with questionairs.

Pro-spam droid -4
Me 4

>> The idea is stupid and unworkable not to mention outing the SPEWS
>> users is unethical.
>
>SPEWS itself is unethical. They fail to make any distinction in their list
>between the spammers themselves and the rest of the netblocks that those
>spammers inhabit. Had they made that distinction, they might(*) have gained
>some respect and legitimacy. However, they don't as any lookup into their
>information returns a binary result: Listed or not listed. Tell that to the
>98% of non-spamming IP addresses that are listed.

More stupidity another point deducted. Cannot differentiate between
SPEWS and spammers.

Pro-spam droid -5
Me 5

>(*) - A very small probability, like 1:10^64.
>
>> > Therefore, it shouldn't
>> >be too hard to e-mail each-and-every one of them (using the postmaster mailbox
>> >of their domain) and ask them a set of survey questions.
>>
>> Invade the privacy of the SPEWS users and then spam the SPEWS users.
>> Your idea just keeps getting better.
>
>Since those parties use SPEWS' resources, it won't be spam. The sender and
>recipient of the mail have a relationship: resource-provider and
>resource-consumer. Only a SPEWS-droid would fail to understand implied
>consent. Apparently, you don't think that a resource provider doesn't have a
>right to notify his customers (or other consumer of his services).

Says emailing people that use a blocklist is not spam.

Pro-spam droid -6
Me 6

>> > Since they all use
>> >SPEWS, they "do business" with SPEWS so under most anti-spamming laws, the
>> >unsolicited contact would NOT be spam.
>>
>> You just hate SPEWS so much that you disregard everything else. You
>> sound like Moris, Son SPot and a few others.
>>
>> > Should any of them respond to the
>> >survey with an answer of "no" to the question of "Did you know that SPEWS may
>> >list non-spammers' IP addresses that share a provider with a listed spammer?",
>> >then my statement is precisely validated.
>>
>> How about we do a survey of those that hate SPEWS. We can get their
>> email addresses from the posts in NANAE/S/BL/etc... and spam them with
>> this survey.
>
>You already have such a survey. Search the Internet using google.com's search
>engine and count the number of hits.

Then of course search and see how many like SPEWS and think SPEWS is
the right thing to do.

Which count is higher? Not teh number of posts just the number of
posters.

>> We can asked them questions like.
>>
>> 1. Is it SPEWS fault others agree with them?
>> 2. What responsability do you attribute to spammers for BL?
>>
>> Anybody wish to add the question for the survey we should spam the
>> SPEWS haters club?
>
>I'm glad that you called it "spam." Since the "SPEWS-haters" do NOT have a
>provider-customer relationship with SPEWS, then by what right would any
>SPEWS-droid have to send them anything? No relationship => NO implied consent.

Point spread is groing. Because I have a business relationship with a
company does not mean they are free to send me anything they so
desire.

If that is a requirement of doing business with them I terminate my
relationship with them completely. In fact I just did that with one
company.

Pro-spam droid -7
Me 7

>> >> > SPEWS is a knee-jerk reaction on steroids that
>> >> >intentionally lists non-spammers as if those customers of the ISPs that the
>> >> >spammers "inhabit" have any say in the matter (they don't).
>> >>
>> >> More funnies. Damn good thing I set my coffee down. I have a lot to
>> >> say to my ISP and they either listen or I instigate an uprising and a
>> >> mass exodus.
>> >
>> >A "mass exodus" also requires that these legitimate, non-spammer customers have
>> >another place to go.
>>
>> There are always other places to go unless you live in a majorly
>> unihabited part of the world that has been left undeveloped, which
>> there are places that are like that.
>
>SPEWS-fallacy #2.

Your a nice individual that thinks before itspeaks.

SPEWS-fallacy #1 and #2

You cannot blame everything on SPEWS no matter how pro-spam you are.

>> Just not really here in the US.
>>
>> > Perhaps you are unaware that in some regions, providers
>> >have insufficient supply for the demand of hosting and that there are waiting
>> >lists.
>>
>> Hosting is an easy one. Hosting can be done anywhere and by anybody
>> you choose. It is the dialup account which usually controls the IP
>> address from where your email comes from that is the big issue.
>
>SPEWS-fallacy #3.

So I can't host any of my sites anywhere I decide?

Pro-spam droid -8
Me 8

>When was the last time that our favorite SPEWS-droid had to move 100
>rack-mounted servers from one facility to another? [Not all hosting is on the
>provider's equipment....]

That would be your problem and not mine. If it were a problem I were
to face I would be very careful and investigate any potential
providers to see if their business practices would create problems for
me and my customers. This is called due dilligence and any
respectable business entity does due dilligence prior to signing any
contract.

Is your failure now SPEWS' fault as well?

>> You are attempting to obfuscate the issues or you just are ignorant.
>>
>> > Such was the case 2 years ago when my friends and I had to find a new
>> >provider when our old one went bankrupt and out of business. We were lucky in
>> >that we were able to act quickly - but others we knew from that facility are
>> >still wait-listed.
>>
>> And this means what exactly?
>
>Proof that SPEWS-fallacy #2 is false. Sometimes, there are no alternate
>providers for one to go to (especially when demand outstrips supply).

What a crock of shite. Any holes in any service are quickly filled.

>> >> Customer loyalty only goes as far as company loyalty. I like my
>> >> provider and they _are_ _very__very__very__very_ anti-spam. If the
>> >> were listed in SPEWS I would leave and find another provider.
>> >
>> >And if there were no other provider in your area?
>>
>> Then I guess you are screwed huh.
>
>That's why SPEWS-fallacy #2 is a fallacy. SPEWS assumes that there is always
>another [non-SPEWS-listed] provider that one can go to.

Your fault, your responsability and not the rest of the net.

I figured you out. You think everybody owes you something. You think
everybody should suffer the spam from your provider just so you are
not inconvenienced.

Got news for ya pally. I don't owe you and neither does anybody
except the provider that promised you good service.

>> >> For them to get listed in SPEWS they would have to have spam eminate
>> >> from or for their customers.
>> >
>> >All it seems to take is exactly ONE spammer customer. That will never justify
>> >listing the entire netblock - with the other 4,000 non-spammers also being
>> >blocked as a result of using the list.
>>
>> If they do not term the spammer yes. It is not the rest of the net's
>> responsability to accept spam from your provider just so you and 3999
>> other customers can send email unobstructed.
>
>Why does our favorite SPEWS-droid feel that it is MY problem to deal with the
>spammer that is spamming him?

Only if it causes your provider get listed spam droid. How is a
spammer from your provider my responsability???

>> Use a free online email account to send and recieve email.
>> Complain to your provider hourly, daily....
>>
>> The squeaky wheel gets the grease.
>
>SPEWS philosophy: The early bird gets WORMED.

Well you should have that looked at then.

>> >> They would then have to ignore complaints.
>> >> The spam would have to continue.
>> >> The complaints would have to continue to be ignored.
>> >>
>> >> Only after this would I be affected by a SPEWS listing and at that
>> >> point my provider would be supporting a spammer and not worth my
>> >> loyalty so I would pack it in and find a reputable provider.
>> >
>> >Still, only takes one spammer - and causes collateral damage to 2^12
>> >non-spammers.
>>
>> Your point is what exactly? It is not the rest of the webs fault my
>> provider cannot term a spammers. I will not make it the rest of the
>> web's responsability either.
>
>Why should it be the responsibility of ANY of those 2^12 collaterally damaged
>non-spammers to fix YOUR spam problem?

Okay Moris.

>> If I had no alternative but to use a spam friendly company as a dial
>> up provider I would damn sure not use them for anything else and I
>> would be complaining daily to their support email address and
>> telephone number, I would be posting in their internal NG's bitching
>> about why they are so spam friendly and the damage it is causing me,
>> the extra money it is costing me.
>
>So would I. However, only the SPEWS-droid would not ALSO bitch to the list
>operator(s) who misclassified his IP address as a spammer source.

Well if the spam droid thinks I owe him something and that I should
bitch at SPEWS then the spam droid should explain how it is I have
become indebted to him.

>SPEWS, by being too aggressive, has caused more problems than good.

That is your opinion. One that I do not share.

>> Eventually somebody else would provide service in the area and I would
>> jump ship and take as many others with me as I could.
>
>SPEWS-fallacy #2 appears again.

Sure spam droid.

>> >> >A good selection of about 6-8 RBLs, a bayesian filter backend,
>> >>
>> >> It is called content filtering and is okay if you wish to top spam
>> >> from being delivered to your inbox.
>> >>
>> >> >and an
>> >> >identification system to identify (and block email from) dynamic IP assignments
>> >> >works
>> >>
>> >> This works to prevent spam from being delivered to your inbox based on
>> >> the originating IP address if it is being sent from a Dial Up Pool.
>> >>
>> >> >BETTER than using SPEWS
>> >>
>> >> SPEWS stops spammers from being able to send it by getting providers
>> >> to terminate them.
>> >
>> >Obviously, such is INEFFECTIVE. Otherwise, SPEWS would have existed for a
>> >short time, with all ISPs thereafter canning their spammers, then not need to
>> >exist any longer. The continued existence of SPEWS demonstrates its
>> >ineffectiveness.
>>
>> So you say. My guess is more like spammers lie about who they are
>> [false names and other information] and what it is they do. then they
>> move in and then the new provider, unless they act on complaints gets
>> listed in SPEWS.
>
>Typical SPEWS-droid - ignoring the proof when shoved in front of his face.

Okay spam droid, you tell yourself whatever you need so you may find
some comfort. If SPEWS is so ineffective them why is your spam droid
ass in here whining?

>> Takes time to list and unlist the entire net over and over again
>> because sales drones don't exercise due dilligence when checking new
>> large customers.
>>
>> > As I have stated previously to NANAE and c.m.m, it is the
>> >flawed philosophy of SPEWS which is the defect.
>>
>> Stating something and then proving it as fact are two diffent things.
>
>Agreed. However, this has been proven as well.

You have simply stated your opinion. Because you think SPEWS is
flawed because it does things you dislike, does not mean SPEWS is
defective.

It simply means you do not like SPEWS.

>> >> I like the idea of stopping spammers from sending spam better then I
>> >> like the idea of stopping spam from being delivered in my inbox.
>> >
>> >Then write your government representative to make it illegal AND provide a
>> >source of funding for enforcement costs. Until it's internationally illegal,
>> >it will continue.
>>
>> Why write when I have the telephone numbers of the state legislator
>> responsable for the anti-spam law that California wrote and passed?
>
>Because local law is ineffective. As stated above, this has to be
>INTERNATIONAL, and in the U.S., only the U.S. Congress has the authority to
>enter into treaties with other countries, SPEWS-droid. Duh.
>
Well spam droid Iworked to get the CA law written and passed only to
have it nullified greatly by the federal legalization of spam. I
provided Burns with a formula to calculate the volume of spam if it
were to be made legal but I don't have as much money as the DMA so
Burns didn't listen to me.

>> The one that the DMA and Microsoft themselves tried so hard to squash.
>>
>> >> It is logical to think that if the spam was stopped from being sent
>> >> then there would be no need to stop it from being delivered in to your
>> >> inbox.
>> >>
>> >> > because the false-positive rate will [always] be
>> >> >lower, due to SPEWS flawed target philosophy of including the non-spamming IPs.
>> >>
>> >> SPEWS has had a couple of false positives over the years [lisitng IP
>> >> blocks not belonging to who SPEWS thought they belonged to] but they
>> >> corrected the information as soon as it was brought to their
>> >> attention. Other then that SPEWS has had no false positives I am
>> >> aware of.
>> >
>> >Brought to SPEWS' attention HOW?
>>
>> I think the SPEWS FAQ says something about posting here and in another
>> NG. Since I have never been listed in SPEWS I have never needed to
>> read the FAQ.
>
>A SPEWS-droid admission that he doesn't know what's in the SPEWS' FAQ!

Hey spam droid it is question 41 if you care to look.

>It says that a person may post to NANAE, but that such an action will have "no
>effect" toward causing [eventual] removal of a listing (either erroneous, or
>after spammers have been canned); therefore, posting is irrelevent as the SPEWS
>operators never act on posts.

Adding to the SPEWS FAQ I see. Hey, I found out who SPEWS is.

It has had an effect when there was a false positive so SPEWS must
actually read this and put that up so the group wouldn't get flooded
by weenies whining about their IP ranges being listed in SPEWS.

>Answer the question: Brought to SPEWS' attention how?

Apparently by posting it and outlining what you have done.

>> > Remember that they don't have inbound email
>> >service nor act on newsgroup posts.....
>>
>> What does the FAQ say?
>
>Any SPEWS-droid should already know:

Well spam droid I guess tehn I am not a PSEWS droid.

> That there is no way to communicate with
>SPEWS at all. No email. No web form on their site.

Which is how they would get sued like MAPS did. It cost MAPS a great
deal of money and if I was SPEWS I would not open myself up to
litigation in any way.

> They don't act on
>newsgroup posts (the suggestion is made only to allow the innocent non-spammers
>a place to vent their frustrations - and for NO OTHER REASON).

The action is not garanteed but it does happen. You bitching about
your provider won't get action. Your provider coming and outlining
what they are doing differently sometimes gets action.

>> >> Oh, you are talking about the other IP addresses that are
>> >> rented/leased to the ISP that spam is not originating from. That
>> >> isn't a false positive because that is the target, the provider.
>> >
>> >Which is clearly different from what the other RBLs list....
>>
>> Most BL target the IP address the spam originates from and not the
>> provider unless it is clear the provider is aiding the spammers with
>> musical IP's.
>>
>> >> Because the customer of the target is affected means what? They are
>> >> false positives? This means you know the intentions of SPEWS but you
>> >> knowingly lie, cheat and deceive thinking you will impugn the
>> >> reputation of those you dislike.
>> >
>> >ANY denial of legitimate mail (i.e. not spam) is a false positive.
>>
>> Not with SPEWS. Any email from an IP address that is not leased or
>> rented by the intended provider is a false positive with SPEWS.
>
>That's why SPEWS causes problems. They operate in their own world - where the
>definitions differ from that used in the REAL world.

If they are only in their own world spam droid how did they manage to
affect yours?

>Only a SPEWS-droid would come up with a convoluted definition like that: That
>false positives can only come from non-listed addresses.

A spam droid that can't read came up with that definition.

> If the address isn't
>listed, it won't be blocked (by use of SPEWS) and can therefore never be a
>false positive. Obviously, our SPEWS-droid does not understand that for the
>false positive to first be positive, it must come from a listed address.

Again, the spam droid that failed reading and comprehension wrote
that. If you go back and read what I wrote you will get a real good
idea of what constitutes a false positive for SPEWS.

>> >SPEWS itself knowingly lies, by self-contradiction, in their FAQ (as
>> >demonstrated before), just like spammers themselves do, so your point is?
>>
>> So point out their lies.
>
>I have already done so, last year, in NANAE.

Right....

>> >> This is a common tactic used by the weak minded that truly believe
>> >> they are smarter then those around them. In this fashion you weak
>> >> minded prey on the lesser mind to get the end result you desire
>> >> instead of forcing those responsible, the provider to actually stop
>> >> supporting spammers.
>> >
>> >The ASSumption that a provider's customers can influence that provider into
>> >terminating another customer (the spammer) is a SPEWS fantasy.
>>
>> So you say. It seems blueyonder is taking steps finally to stop the
>> spew from those infected machines after how many months? It required
>> a listing of this size in SPEWS to get tehm to fix their problem.
>
>Utter SPEWS-droid BS.

Now let us read the spam droid's corrections.

> Since there is no way for ANYONE, let alone
>"Blueyonder," to contact SPEWS, even if Blueyonder had fixed their spam
>problem, SPEWS has no way to learn that they have,

The spam would have stopped spam droid. I guess it is a good thing it
takes a lot to get listed in SPEWS.

> and thus would continue to
>list them FOREVER. There is no way to seek removal of any IP from the SPEWS
>list - because there is no way to communicate such a request to SPEWS. It says
>so in the SPEWS' FAQ.

You knowingly lie. Sad thing you are. This is what differentiate me
from you spam droid.

I tell the truth whether it agree with my perception of the world or
not. You lie, cheat and steal to get what you believe the world owes
you.

>> >> This is the typical tactic of losers that don't have the
>> >> where-with-all to actually pull themselves up and rise above the
>> >> bullshit around them and do something to stop the abuse of others.
>> >
>> >No. Those people are the ones that employ challenge-response systems, by
>> >shifting their spam burden onto others.
>> >
>> >> You are just typical scum and are deserving of the treatment you get
>> >> because you refuse to accept you are wrong even though you know you
>> >> are.
>> >>
>> >> You are a liar, cheat, deceiver and in general a scumbag.
>> >> Anything else I can help you to clarify?
>> >
>> >No. It's pretty clear that you're in the collective of SPEWS-pond-scum.
>>
>> Why? Because I see you lying to get your way? If you have more then
>> an opinion then post it.
>>
>> SPEWS listed blueyonder who ignored complaints for months about their
>> problems [infected machines]. It was only after SPEWS listed them and
>> it was reported in the news media they did anything to stop the spam.
>
>Of course SPEWS did. It can send all the complaints it wants to - but will
>never hear a reply,

The spam continued to flow or they would not have been listed.

> so, given infinite time, it will auto-list every provider
>who has a single spammer.

It is hard to lie when you don't believe what you are saying.

> Why doesn't SPEWS just list 0.0.0.0/0 and be done
>with it? [How is SPEWS supposed to receive a reply if it has no incoming
>e-mail service?]

Why don't you take responsability for your own stupidity? It would
solve this discussion.

>> That is not an opinion. That is reality.
>
>Not in this universe. SPEWS is a legend only in its own collective mind.

SPEWS has a set of rules and standards. There is not spite listings,
no deviation from their goal to stop spammers. They are true to their
word and listing criterea.

You are not even true to yourself.

>> You offer, SPEWS sucks as reality instead of it being your opinion.
>> You are not being honest.
>
>My position is supported by the evidence.
>The SPEWS-droid position isn't.

No spam droid. Your disagreement with the criterea used for the SPEWS
listings does not make your opinion right.

--
Mark

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 25.05.2005 06:40:40 von unknown

Post removed (X-No-Archive: yes)

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 25.05.2005 06:54:48 von Alan Connor

On comp.mail.misc, in , "Mark Ferguson" wrote:
>
>
> On Tue, 24 May 2005 23:51:39 GMT, "D. Stussy"
> wrote:

Two idiots.

SPEWS doesn't work for shit. It's another non-solution
to the spam problem, from pro-spammers-in-denial.

Like all such people, they think that there is good spam
and bad spam.

The un-solicited bulk email sent by THEIR buddies, is "good
spam" of course.

So their methods fail. Again and again.

"D. Stussy" is not worth a moment's consideration. He isn't
even aware that honesty exists in the universe.

Regardless of which alias he is using at the moment.

Until the ISPs refuse to relay and accept anonymous
mail, the only way to eliminate spam from one's life is
with a Challenge-Response System.

And the ONLY people that argue against them (and ALWAYS
with lies, omissions and exaggerations) are spammers
and trolls.

If even ONE of their charges was true, Earthlink wouldn't
touch them with a one-hundred foot pole, yet they offer
them to all of their clients as a part of their standard
spam-fighting package.

http://tinyurl.com/2t5kp

AC

--
Please visit my home page:
http://angel.1jh.com./nanae/kooks/alanconnor.html

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 25.05.2005 08:09:30 von unknown

Post removed (X-No-Archive: yes)

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 25.05.2005 08:19:58 von unknown

Post removed (X-No-Archive: yes)

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 25.05.2005 16:22:47 von Sam

Re: C/R vs SPEWS - was Re: Recent NANAE Flood (was Re: Famous Hacker

am 25.05.2005 20:21:16 von Robert Briggs

D. Stussy wrote:
> Alan Connor wrote:
>
> > "[SPEWS] claim[s] to want to end spam, but they do exactly what the post
> > office does with junk mail: They facilitate it."

> The paper mail system isn't that valid an analogy. With paper, the SENDER
> bears the SOLE COST of sending, while in the electronic world of the Internet,
> the recipient shares the cost.

The junk paper mailer may, indeed, be the one who *initially* pays the
*obvious* cost of sending his crud.

That does *not* mean that the recipient pays nothing.

In a nearby post rack, we have dozens of items of junk mail which didn't
magically jump out of the postman's sack and into the pigeonholes.
Distributing that stuff around the site consumes quite a bit of our
receptionists' time - and that's *before* we get to rifle through it,
grab our own, redirect some of it (via those long-suffering
receptionists), put some of it out for the cleaners to take for the
binman, etc.

The junk paper mailers themselves then pass the cost of their mailings
on to their customers, so we wind up paying for their printing and
postage in the end, in any case.

It is, of course, true that the up-front marginal cost of *each and
every message* in a paper mailing helps to keep levels of junk paper
mail down, whereas the emailer's marginal cost per message (i.e.,
excluding the cost of writing his spiel in the first place, etc.) is
*very* close to zero.

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 25.05.2005 23:32:56 von Robert Briggs

D. Stussy wrote:
> Mark Ferguson wrote:

> By usage of SPEWS' database, SPEWS has implied consent [to send
> email to users of SPEWS].

Balderdash.

If users had to *register* with SPEWS before using the data then SPEWS'
terms of service could be *written* in such a way as to mean that such
registration (which would have to include specifying your email address)
implied consent to SPEWS' sending of *specified* types of *relevant*
email.

However, all I have to do to use SPEWS data is to ask my browser to
fetch what I want through my approved HTTP proxy. No email address is
involved in any way, so there's certainly no consent, implied or
otherwise, to SPEWS' sending me email.

> SPEWS cannot and willingly DOES NOT differentiate between spammers and
> non-spammers unlucky enough to have the same provider.

In very many cases, careful reading of SPEWS evidence files shows
*plenty* of indications that the SPEWS administrators can and DO
"differentiate between spammers and non-spammers unlucky enough to have
the same provider": just look for blocks which *started* as single /32s
and were then steadily expanded as providers *persistently* failed to
boot their spammers.

> Your position is that a resource owner may NOT contact the resource users.

That is very often the case.

If I simply drive along a stretch of public highway which is not a toll
road of some sort then the local highway agency has *no business
whatsoever* to write to me; if I break the rules (perhaps by driving
through Red Ken's "Congestion Charge" zone in London during its
operating hours and then failing to pay the fee on time) then they may
write to me.

> > Okay Moris.
>
> Who's Moris? I'm not Moris, but your initials are MF; quite fitting.

I believe you are not Moris.

The evidence is that he is quite capable of snipping unnecessary text
from his responses, while you (and, indeed, Ferguson) seem to lack even
*that* degree of clue.

> > > SPEWS, by being too aggressive, has caused more problems than good.
> >
> > That is your opinion. One that I do not share.
>
> You're in the minority - and about to become extinct in that opinion.

AFAICMO, SPEWS "does what it says on the tin": it is a "Spam Prevention
Early Warning System", which allows users to detect email coming from IP
address space near to addresses actually used by spammers.

The *users* choose what to do with email from such address space,
perhaps blocking on SPEWS level 1 and simply tagging on level 2.

> SPEWS is ineffective in combatting spam. However, SPEWS is not ineffective in
> harming plenty of other people - the other 98% of the IP addresses listed by it
> that are under the control of non-spammers. SPEWS targets the wrong people.

Something else you seem not to appreciate is that your reference to "the
other 98% of the IP addresses listed by" SPEWS is, at best, ignorantly
misleading.

In majority of cases the legitimate users of these IP addresses use
their providers' mail servers, and have *no conscious reason whatsoever*
to be running mail servers or mail-emitting malware.

The only legitimate senders to be inconvenienced are the relatively few
who choose to use their own mail servers - and many here would say that
is, at best, unwise from "dynamic" IP addresses, i.e., ones which are
either actually dynamic, or seemingly static within nominally dynamic
pools.

> > It has had an effect when there was a false positive so SPEWS must
> > actually read this and put that up so the group wouldn't get flooded
> > by weenies whining about their IP ranges being listed in SPEWS.
>
> Which means that SPEWS does take action in response to newsgroup posts - a
> DIRECT CONTRADICTION to their statement in SPEWS' FAQ - A41.

I get the distinct impression that the SPEWS FAQ has to be read *very*
carefully if you want to get the most out of it.

AIUI, SPEWS proper is the blocklist itself, so it is quite true that you
*cannot* contact SPEWS.

What I believe to happen is that SPEWS *administrators* monitor the NGs
for relevant articles, and amend their "master files" accordingly. It
would then be quite feasible for the "automated" system described in the
FAQ to transfer the relevant data to the publicly-accessible servers.

If someone politely and accurately posts here noting a real *error* in
the SPEWS database (perhaps an administrator has mistyped an IP address
range or listed it against an inappropriate provider) then the posting
will give cause to start an investigation which may result in a change
to the "master files", in which case a cron job or some such will cause
the change to be propagated to the publicly-accessible servers.

Similarly, if a provider posts details of what he has done to put a stop
to spamming from his network then the administrators may check his claim
against any evidence of recent spam from the network, with the
possibility that they will believe his network is now clean, and amend
the "master files".

In either case, it is *not* the posting itself that causes any change to
the listing. It is the *evidence of absence/cessation of spamming* that
does it (and, AIUI, a sufficient period with no spam would result in
automated delisting, in any case).

IMO, the *key* reason that the FAQ suggests posting to the NGs is that
the SPEWS administrators are quite aware that many of the regulars will
make an effort to *help* providers who *truly* want assistance to clean
up their acts, such as folk with sloppily-run mailing lists who want to
Do The Right Thing and are willing to *learn* what that involves, rather
than simply to argue that "confirmed opt-in" (or "double opt-in", as
many of them call it when they arrive) is unduly onerous.

> However, it also provides no way for anyone to contact them to let them know
> that any spammer has been removed from the Internet. Therefore, SPEWS-droid,
> tell us how SPEWS learns that an entry in their listing needs to be revised.
> Does SPEWS use a "magic 8-ball?"

Not at all.

AIUI, SPEWS proper will *automatically* delist a provider if *no further
spam* is observed for an acceptable period.

> > > They don't act on newsgroup posts (the suggestion is made only to allow
> > > the innocent non-spammers a place to vent their frustrations - and for
> > > NO OTHER REASON).

Not at all.

The "innocent non-spammers" you mention receive plenty of useful
suggestions from regulars here.

If they always understood the problem and then went off and put pressure
on their spam-friendly providers whom they help *pay* to remain in
business then the providers would either wake up a deal with spam
properly or lose their "innocent non-spammers", in which case
null-routing them is no problem to any decent citizen.

> > The action is not garanteed but it does happen. You bitching about
> > your provider won't get action. Your provider coming and outlining
> > what they are doing differently sometimes gets action.

The provider must *stop the spam*.

AIUI, all that a *credible* outline of "what they are doing differently"
does (if anything) is to shorten the spam-free period which *must* be
observed by SPEWS before delisting occurs.

Of course, a provider who comes along and tells porkies opens himself up
to faster expansion of listings and slower delisting if he ever *does*
fix his problems.

> If the action does happen, then the post DID have an effect - A direct
> contradiction of the statement in SPEWS' FAQ at A41.

IMNSHO, all the evidence is that A41 is at least as trustworthy as
anything *any* politician says. :-)

> How does SPEWS know that the spam from any given source has stopped? Without
> any way to contact SPEWS, all it can know at best is that the spammer hasn't
> spammed any of the SPEWS operators recently - but that in no way equates to the
> spam source ceasing operation.

AIUI, the SPEWS administrators have access to the spam-load sent to a
range of email addresses (probably including their own *home* addresses)
and are quite capable of counting the days since the last spam email
arrived from a netblock. Indeed, I believe much of this is *automated*.

Phew! That will have to do for tonight ...

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 26.05.2005 08:17:26 von unknown

Post removed (X-No-Archive: yes)

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 04.06.2005 01:49:23 von sethb

In article ,
D. Stussy wrote:

>SPEWS itself is unethical. They fail to make any distinction in their list
>between the spammers themselves and the rest of the netblocks that those
>spammers inhabit.

Do they _say_ they make such a distinction?

If I ever get around to implementing my NoPrimes dnsbl, will I be
unethical because I don't make any distinction between prime number IP
addresses that spammers inhabit and prime number IP addresses that
spammers don't inhabit? If I say I'm listing prime number, and I do
list prime numbers, then I'm not being unethical. Likewise, SPEWS
does what it _says_ it does. If it isn't doing what _you want_, that
doesn't make it unethical.

> Had they made that distinction, they might(*) have gained
>some respect and legitimacy.

>(*) - A very small probability, like 1:10^64.

So why would it be worth doing since it would have essentially no
effect?

> However, they don't as any lookup into their information returns a
>binary result: Listed or not listed. Tell that to the 98% of
>non-spamming IP addresses that are listed.

Where did you invent that statistic from?

>> > Therefore, it shouldn't
>> >be too hard to e-mail each-and-every one of them (using the postmaster mailbox
>> >of their domain) and ask them a set of survey questions.
>> Invade the privacy of the SPEWS users and then spam the SPEWS users.
>> Your idea just keeps getting better.
>Since those parties use SPEWS' resources, it won't be spam.

Unsolicited, check. Bulk, check. Email, check. Yes, it's spam.

> The sender and
>recipient of the mail have a relationship: resource-provider and
>resource-consumer. Only a SPEWS-droid would fail to understand implied
>consent.

Only a spammer invents implied consent for the provider of a website
to send email to anybody who reads anything on the website.

> Apparently, you don't think that a resource provider doesn't have a
>right to notify his customers (or other consumer of his services).

SPEWS can change its listings or its FAQ any time it wants. That
provides all the notification it needs to do.

>> There are always other places to go unless you live in a majorly
>> unihabited part of the world that has been left undeveloped, which
>> there are places that are like that.
>
>SPEWS-fallacy #2.

Yeah, if you can get Internet access you can get to other email
providers no matter where you are. That doesn't help your argument
any.

>> Hosting is an easy one. Hosting can be done anywhere and by anybody
>> you choose. It is the dialup account which usually controls the IP
>> address from where your email comes from that is the big issue.
>
>SPEWS-fallacy #3.

My local connection has nothing to do with where my email is emitted.

>When was the last time that our favorite SPEWS-droid had to move 100
>rack-mounted servers from one facility to another? [Not all hosting is on the
>provider's equipment....]

Oh, somebody has that many servers and not their own IP space?
Anyway, all they _need_ to move is their outgoing mailswerver; who do
you claim has 100 rack-mounted servers emitting email?

>Proof that SPEWS-fallacy #2 is false. Sometimes, there are no alternate
>providers for one to go to (especially when demand outstrips supply).

That just isn't the case.

>That's why SPEWS-fallacy #2 is a fallacy. SPEWS assumes that there is always
>another [non-SPEWS-listed] provider that one can go to.

There is. There are lots of anti-spam providers in the world.

>> If they do not term the spammer yes. It is not the rest of the net's
>> responsability to accept spam from your provider just so you and 3999
>> other customers can send email unobstructed.
>
>Why does our favorite SPEWS-droid feel that it is MY problem to deal with the
>spammer that is spamming him?

Why do you feel that I should accept email coming from the network of
a provider that supports spammers?

>> Use a free online email account to send and recieve email.
>> Complain to your provider hourly, daily....
>>
>> The squeaky wheel gets the grease.
>
>SPEWS philosophy: The early bird gets WORMED.

You're making less sense than usual, which is quite a stretch.

Seth

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 04.06.2005 03:44:01 von mark

"Seth Breidbart" decided to chill out:

> >In article ,
> >D. Stussy wrote:
> >
> >SPEWS itself is unethical. They fail to make any distinction in
> >their list between the spammers themselves and the rest of
> >the netblocks that those spammers inhabit.
>
> Do they _say_ they make such a distinction?

Yes, they do. RTFF.

> >However, they don't as any lookup into their information returns
> >a binary result: Listed or not listed. Tell that to the 98% of
> >non-spamming IP addresses that are listed.
>
> Where did you invent that statistic from?

That figure is correct. Your pretension that it is not proves your
DISHONESTY.

> >Since those parties use SPEWS' resources, it won't be spam.
>
> Unsolicited, check. Bulk, check. Email, check. Yes, it's spam.

No, it is not. Let me give you a quick lesson on what is spam and what
is not, from the recipient's p.o.v. When the intended recipient of an
email both recognizes the sender and has no qualms in receiving a
message from that sender (either because he gave the sender prior
consent or by being associated to the sender in some manner, e.g. the
local retirement club which he visits twice a week) that email is
_not_ spam. Anything else is spam.

If an email blacklist or filter prevents a non-spam email reaching its
intended recipient, that email becomes a false-positive.

> >That's why SPEWS-fallacy #2 is a fallacy. SPEWS assumes that there
> >is always another [non-SPEWS-listed] provider that one can go to.
>
> There is. There are lots of anti-spam providers in the world.

Being anti-spam is not enough. Can you count 5 backbone providers that
have ZERO spam problem?

> >Why does our favorite SPEWS-droid feel that it is MY problem to
> >deal with the spammer that is spamming him?
>
> Why do you feel that I should accept email coming from the network
> of a provider that supports spammers?

This is another fallacy. Spews does not blacklist 100% of an ISPs net
space (with 2 or 3 exceptions in the past 16 months). By using the
spews list, you are still accepting email from allegedly
spam-harboring networks.

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 04.06.2005 06:11:25 von Pete

On 2005-06-04, Mark wrote:
>
> Let me give you a quick lesson on what is spam and what is not, from the
> recipient's p.o.v. When the intended recipient of an email both recognizes
> the sender and has no qualms in receiving a message from that sender
> (either because he gave the sender prior consent or by being associated to
> the sender in some manner, e.g. the local retirement club which he visits
> twice a week) that email is _not_ spam. Anything else is spam.

That's pretty tough. So if I mail you now then that's spam in your view ?
I'm just trying to understand what you're saying. We don't know each other,
and as far as I know you haven't given me specific permission to mail you,
so I would be spamming you if I sent you a mail that wasn't about this
particular thread of even this froup ?

Regards,

Pete.

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 04.06.2005 10:55:52 von V

"Mark" wrote in message
news:42a1074f$0$1687$ed2e19e4@ptn-nntp-reader04.plus.net...
> "Seth Breidbart" decided to chill out:

[snipped some parts]

>> Where did you invent that statistic from?
>
> That figure is correct. Your pretension that it is not proves your
> DISHONESTY.

No, it does not prove his dishonesty. That 98% is a statistical figure, and
does not mean anything.

It does not matter if an IP address is listed in SPEWS or not, _if_ that IP
address is not being used to relay e-mail from. Now, count IP addresses that
are being used a originator IP address for relaying e-mail, and count those
that are not being used to relay spam from (from which we can say they are
false positives from the sender points of view, not necessarily SPEWS). That
percentage is important.

>> >Since those parties use SPEWS' resources, it won't be spam.
>>
>> Unsolicited, check. Bulk, check. Email, check. Yes, it's spam.
>
> No, it is not.
> Let me give you a quick lesson on what is spam and what
> is not, from the recipient's p.o.v. When the intended recipient of an
> email both recognizes the sender and has no qualms in receiving a
> message from that sender (either because he gave the sender prior
> consent or by being associated to the sender in some manner, e.g. the
> local retirement club which he visits twice a week) that email is
> _not_ spam. Anything else is spam.

How frequently do you think that a message received from a website you
visited is wanted? Implied consent is an invention of spammers. And
therefore anything that is sent without the prior explicit consent will be
spam. Even if a webform has a checkbox switched on by default next to a
description that this will cause e-mail to be sent to you, will make that
e-mail to be spam.

> If an email blacklist or filter prevents a non-spam email reaching its
> intended recipient, that email becomes a false-positive.

To the intended recipient and the sender: yes. To SPEWS: no (although I
cannot speak for SPEWS, since I have nothing to do with SPEWS).

>> >That's why SPEWS-fallacy #2 is a fallacy. SPEWS assumes that there
>> >is always another [non-SPEWS-listed] provider that one can go to.
>>
>> There is. There are lots of anti-spam providers in the world.
>
> Being anti-spam is not enough. Can you count 5 backbone providers that
> have ZERO spam problem?

Seth wrote "anti-spam providers". You write about 5 backbone providers.
There isn't a single internet on this planet that doesn't have spam problem.

>> >Why does our favorite SPEWS-droid feel that it is MY problem to
>> >deal with the spammer that is spamming him?
>>
>> Why do you feel that I should accept email coming from the network
>> of a provider that supports spammers?
>
> This is another fallacy. Spews does not blacklist 100% of an ISPs net
> space (with 2 or 3 exceptions in the past 16 months). By using the
> spews list, you are still accepting email from allegedly
> spam-harboring networks.

Well, SPEWS could start blocking 0.0.0.0/0 for every spam originating from
that address space.

--
V

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 04.06.2005 19:05:13 von Mark Ferguson

On Fri, 3 Jun 2005 23:49:23 +0000 (UTC), sethb@panix.com (Seth
Breidbart) wrote:

>In article ,
>D. Stussy wrote:
>
>>SPEWS itself is unethical. They fail to make any distinction in their list
>>between the spammers themselves and the rest of the netblocks that those
>>spammers inhabit.
>
>Do they _say_ they make such a distinction?
>
>If I ever get around to implementing my NoPrimes dnsbl, will I be
>unethical because I don't make any distinction between prime number IP
>addresses that spammers inhabit and prime number IP addresses that
>spammers don't inhabit? If I say I'm listing prime number, and I do
>list prime numbers, then I'm not being unethical. Likewise, SPEWS
>does what it _says_ it does. If it isn't doing what _you want_, that
>doesn't make it unethical.

I have attempted to explain that SPEWS sets their own criterea for
listings and if SPEWS deviates from those criterea then SPEWS has
false positives and would be unethical.

I guess I am not being clear enough or the reader is not capable of
common sense. I gave it up.

>> Had they made that distinction, they might(*) have gained
>>some respect and legitimacy.
>
>>(*) - A very small probability, like 1:10^64.
>
>So why would it be worth doing since it would have essentially no
>effect?
>
>> However, they don't as any lookup into their information returns a
>>binary result: Listed or not listed. Tell that to the 98% of
>>non-spamming IP addresses that are listed.
>
>Where did you invent that statistic from?

Moris provided that tib bit when SPEWS listed blueblunder for the
compramised machines.

900,000 IP's listed and only 17,000 machines infected, 17,000 infected
machines. What in the blue flying fuck were tehy waiting for?

>>> > Therefore, it shouldn't
>>> >be too hard to e-mail each-and-every one of them (using the postmaster mailbox
>>> >of their domain) and ask them a set of survey questions.
>>> Invade the privacy of the SPEWS users and then spam the SPEWS users.
>>> Your idea just keeps getting better.
>>Since those parties use SPEWS' resources, it won't be spam.
>
>Unsolicited, check. Bulk, check. Email, check. Yes, it's spam.

Moris think Seth. The poster is thinking like Moris and I am unable
to explain that SPEWS does not even have the email addresses for all
that use their lists.

He is in Moris mode.

>> The sender and
>>recipient of the mail have a relationship: resource-provider and
>>resource-consumer. Only a SPEWS-droid would fail to understand implied
>>consent.
>
>Only a spammer invents implied consent for the provider of a website
>to send email to anybody who reads anything on the website.

The actual and very real problem is SPEWS does not have a database of
email addresses for those that use SPEWS. SPEWS has no way of knowing
who is using their lists. Who uses a mirror site and no email address
is logged when the list is accessed.

>> Apparently, you don't think that a resource provider doesn't have a
>>right to notify his customers (or other consumer of his services).
>
>SPEWS can change its listings or its FAQ any time it wants. That
>provides all the notification it needs to do.

Personally I don't think the Provider has the right to sell me
anything they wish, notify me of the things they wish, etc... It was
not a part of my terms of service and when it is a part of my terms of
service I will find a reputable provider.

I went through this with MY provider and it was worked out to the
benifit of all.

>>> There are always other places to go unless you live in a majorly
>>> unihabited part of the world that has been left undeveloped, which
>>> there are places that are like that.
>>
>>SPEWS-fallacy #2.
>
>Yeah, if you can get Internet access you can get to other email
>providers no matter where you are. That doesn't help your argument
>any.

He is still stuck in Moris mode.

>>> Hosting is an easy one. Hosting can be done anywhere and by anybody
>>> you choose. It is the dialup account which usually controls the IP
>>> address from where your email comes from that is the big issue.
>>
>>SPEWS-fallacy #3.
>
>My local connection has nothing to do with where my email is emitted.

It also has nothing to do with hosting and in some cases you can get
both hosting and email service from the same provider.

>>When was the last time that our favorite SPEWS-droid had to move 100
>>rack-mounted servers from one facility to another? [Not all hosting is on the
>>provider's equipment....]
>
>Oh, somebody has that many servers and not their own IP space?
>Anyway, all they _need_ to move is their outgoing mailswerver; who do
>you claim has 100 rack-mounted servers emitting email?
>
>>Proof that SPEWS-fallacy #2 is false. Sometimes, there are no alternate
>>providers for one to go to (especially when demand outstrips supply).
>
>That just isn't the case.

Circular argument. The poster cannot get past the simple fact the
mail can be handled by a third party as can the hosting.

>>That's why SPEWS-fallacy #2 is a fallacy. SPEWS assumes that there is always
>>another [non-SPEWS-listed] provider that one can go to.
>
>There is. There are lots of anti-spam providers in the world.
>
>>> If they do not term the spammer yes. It is not the rest of the net's
>>> responsability to accept spam from your provider just so you and 3999
>>> other customers can send email unobstructed.
>>
>>Why does our favorite SPEWS-droid feel that it is MY problem to deal with the
>>spammer that is spamming him?
>
>Why do you feel that I should accept email coming from the network of
>a provider that supports spammers?

I asked the same question and still wait for a valid reason.

>>> Use a free online email account to send and recieve email.
>>> Complain to your provider hourly, daily....
>>>
>>> The squeaky wheel gets the grease.
>>
>>SPEWS philosophy: The early bird gets WORMED.
>
>You're making less sense than usual, which is quite a stretch.
>
>Seth

--
Mark

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 04.06.2005 19:16:12 von Mark Ferguson

On Sat, 04 Jun 2005 08:55:52 GMT, "V" wrote:

>"Mark" wrote in message
>news:42a1074f$0$1687$ed2e19e4@ptn-nntp-reader04.plus.net...
>> "Seth Breidbart" decided to chill out:
>
>[snipped some parts]
>
>>> Where did you invent that statistic from?
>>
>> That figure is correct. Your pretension that it is not proves your
>> DISHONESTY.
>
>No, it does not prove his dishonesty. That 98% is a statistical figure, and
>does not mean anything.

It is a statistical figure for a single incident which is not
indicative of the entire SPEWS database.

IOW SPEWS listed blueyonder and 900,000 IP addresses. Of this some
17,000 were infected spam spewing machines that blueyonder was and had
been aware of for some time.

17,000
------------ = 1.88%
900,000

This of course is the source of the number Moris quotes continually.
Now it has magically grown to 2% or by 1,000 IP numbers overall when
it is clear the number is based on a single incident.

>It does not matter if an IP address is listed in SPEWS or not, _if_ that IP
>address is not being used to relay e-mail from. Now, count IP addresses that
>are being used a originator IP address for relaying e-mail, and count those
>that are not being used to relay spam from (from which we can say they are
>false positives from the sender points of view, not necessarily SPEWS). That
>percentage is important.
>
>>> >Since those parties use SPEWS' resources, it won't be spam.
>>>
>>> Unsolicited, check. Bulk, check. Email, check. Yes, it's spam.
>>
>> No, it is not.
>> Let me give you a quick lesson on what is spam and what
>> is not, from the recipient's p.o.v. When the intended recipient of an
>> email both recognizes the sender and has no qualms in receiving a
>> message from that sender (either because he gave the sender prior
>> consent or by being associated to the sender in some manner, e.g. the
>> local retirement club which he visits twice a week) that email is
>> _not_ spam. Anything else is spam.
>
>How frequently do you think that a message received from a website you
>visited is wanted? Implied consent is an invention of spammers. And
>therefore anything that is sent without the prior explicit consent will be
>spam. Even if a webform has a checkbox switched on by default next to a
>description that this will cause e-mail to be sent to you, will make that
>e-mail to be spam.
>
>> If an email blacklist or filter prevents a non-spam email reaching its
>> intended recipient, that email becomes a false-positive.
>
>To the intended recipient and the sender: yes. To SPEWS: no (although I
>cannot speak for SPEWS, since I have nothing to do with SPEWS).
>
>>> >That's why SPEWS-fallacy #2 is a fallacy. SPEWS assumes that there
>>> >is always another [non-SPEWS-listed] provider that one can go to.
>>>
>>> There is. There are lots of anti-spam providers in the world.
>>
>> Being anti-spam is not enough. Can you count 5 backbone providers that
>> have ZERO spam problem?
>
>Seth wrote "anti-spam providers". You write about 5 backbone providers.
>There isn't a single internet on this planet that doesn't have spam problem.

While I think you meant provider I would say only this. The providers
that actively respond to complaints about their networks do not get
listed in SPEWS. Those do not take action against spammers or even
facilitate spammers that are listed.

>>> >Why does our favorite SPEWS-droid feel that it is MY problem to
>>> >deal with the spammer that is spamming him?
>>>
>>> Why do you feel that I should accept email coming from the network
>>> of a provider that supports spammers?
>>
>> This is another fallacy. Spews does not blacklist 100% of an ISPs net
>> space (with 2 or 3 exceptions in the past 16 months). By using the
>> spews list, you are still accepting email from allegedly
>> spam-harboring networks.
>
>Well, SPEWS could start blocking 0.0.0.0/0 for every spam originating from
>that address space.

--
Mark

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 06.06.2005 05:03:18 von unknown

Post removed (X-No-Archive: yes)

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 06.06.2005 05:09:37 von unknown

Post removed (X-No-Archive: yes)

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 06.06.2005 05:22:59 von unknown

Post removed (X-No-Archive: yes)

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 06.06.2005 05:41:48 von unknown

Post removed (X-No-Archive: yes)

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 06.06.2005 17:12:25 von Mark Ferguson

On Mon, 06 Jun 2005 03:41:48 GMT, "D. Stussy"
wrote:

>On Sat, 4 Jun 2005, Mark Ferguson wrote:
>> On Fri, 3 Jun 2005 23:49:23 +0000 (UTC), sethb@panix.com (Seth
>> Breidbart) wrote:
>>
>> >In article ,
>> >D. Stussy wrote:
>> >
>> >>SPEWS itself is unethical. They fail to make any distinction in their list
>> >>between the spammers themselves and the rest of the netblocks that those
>> >>spammers inhabit.
>> >
>> >Do they _say_ they make such a distinction?
>> >
>> >If I ever get around to implementing my NoPrimes dnsbl, will I be
>> >unethical because I don't make any distinction between prime number IP
>> >addresses that spammers inhabit and prime number IP addresses that
>> >spammers don't inhabit? If I say I'm listing prime number, and I do
>> >list prime numbers, then I'm not being unethical. Likewise, SPEWS
>> >does what it _says_ it does. If it isn't doing what _you want_, that
>> >doesn't make it unethical.
>>
>> I have attempted to explain that SPEWS sets their own criterea for
>> listings and if SPEWS deviates from those criterea then SPEWS has
>> false positives and would be unethical.
>
>But SPEWS also claims to be something that they truly aren't - a spammer list,

That is just not true. They are a list of spam supporting providers
and not "just a list of IP addresses used for spamming".

There is a distinction beteen the two.

>and that's how some people use them - as if they were. It may not be
>significant that SPEWS says otherwise in that usage dictates what they truly
>are.

It is the user's responsability to verify the tool he/she is using is
the correct tool for the job. You keep attempting to make it the
manufacture's responsability for how their tool is used.

>> I guess I am not being clear enough or the reader is not capable of
>> common sense. I gave it up.
>
>Definently the former. If anyone had common sense, they would see the
>operators of SPEWS for what they truly are - spineless cowards and liars.

So like MAPS SPEWS should open themselves up to lawsuits so they can
be sued out of exisitance. I am not sure why protecting oneself for
their right to offer their opinion is a bad thing or makes them
spineless cowards but I am sure you or Moris will enlighten us.

IMHO it would be the spineless cowards that use the courts to kill
SPEWS and has been tried with Spamhaus and MAPS both. When you fail
to remember history you are doomed to repeat it.

And as for them being liars I think you are reaching for that as well.
The simple truth is that SPEWS created a tool for a legitimate purpose
and it is used for that purpose. They make no bones or try and
obvuscate the tool's function in any manner.

How is this lying?

>> The actual and very real problem is SPEWS does not have a database of
>> email addresses for those that use SPEWS. SPEWS has no way of knowing
>> who is using their lists. Who uses a mirror site and no email address
>> is logged when the list is accessed.
>
>The mirrors who implement the SPEWS list as a DNSBL know who has used them.
>SPEWS knows who these mirrors are by logging the IP addresses of any who
>download their lists off of SPEWS' own website or FTP server. The information
>CAN be had; it's possible.

Possible != right

You ask them to do that which they are fighting against. Then when
you told how this is wrong in so many ways you simply ignore the truth
and amble towards another half truth cluching it to you as closely as
you can.

Because I use MicroSoft on one machine does not give them the right to
approach me to sell me other things they offer.

If I register for these offers then I would expect to recieve them and
I would not consider them to be spam.

I have a Toyota car, Craftsman tools, a Makita cordless a Sony TV,
JVC DVD player, etc.... Because I have these tools does not give the
manufacture the right to bombard me at my expense with advertising
other tools they make or questionares for their own information.

I am trying to be clear with the clues but you will of course simply
ingore this one as well if past experience is any indicator or can you
provide me a reason why I should be at the manufacture's whim.

>> >> Apparently, you don't think that a resource provider doesn't have a
>> >>right to notify his customers (or other consumer of his services).
>> >
>> >SPEWS can change its listings or its FAQ any time it wants. That
>> >provides all the notification it needs to do.
>>
>> Personally I don't think the Provider has the right to sell me
>> anything they wish, notify me of the things they wish, etc... It was
>> not a part of my terms of service and when it is a part of my terms of
>> service I will find a reputable provider.
>>
>> I went through this with MY provider and it was worked out to the
>> benifit of all.
>
>I never suggested that they would have any right to contact you about OTHER
>products or services they may offer. My suggestion was in the narrow context
>of regarding a product or service that you DO USE on a continuous basis.

They do not have that right if I have not given it to them. My use of
their service is not what I consider prior consent. Others think it
does create a prior relationship and while I agree it does I also will
end that business relationship over something I percieve as wrong.

I do not pay the provider to send me ads or ask me questions about
their service. If I have an issue I will send in a note or make a
telephone call. There have been issues since moving out of state in
dialup and news service. I have worked with my provider to fix these
issues because I like my provider because they do nit support spammers
and they give good service.

I would end that relationship if part of their requirements of doing
business with them included being the recipient of junk email.

It is as simple as that.

>> ...
>> Circular argument. The poster cannot get past the simple fact the
>> mail can be handled by a third party as can the hosting.
>
>Just because [some say] it can be done that way doesn't mean that it IS done
>that way or that it is even commonplace. How many of you have actually been in
>a facility with rooms filled with 1,000 or more rack-mounted servers? I have -
>and in more than several of these.

You keep making the same argument. Your mail does not have to be
handled where your other servers are. You also have an option of
getting your own arin IP space listed and get away from the listing in
SPEWS.

IOW there are things you can do to protect yourself from being listed
inadvertantly in blacklists but you have done none of these. Instead
you wish to merely complain about a tool that was created for a
certain purpose and you only complain when you are caught in the
tool's path.

--
Mark

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 08.06.2005 00:53:12 von sethb

In article ,
D. Stussy wrote:
>On Fri, 3 Jun 2005, Seth Breidbart wrote:
>> In article ,
>> D. Stussy wrote:

>> >SPEWS itself is unethical. They fail to make any distinction in their list
>> >between the spammers themselves and the rest of the netblocks that those
>> >spammers inhabit.
>>
>> Do they _say_ they make such a distinction?
>
>No, yet they make the claim that their list is to be used for anti-spam
>purposes.

It is. The purpose of blocking email from spam-friendly networks is
an anti-spam purpose.

>You didn't make any claim that you list spammers. SPEWS claims that they list
>spam sources.

Where? I've seen, in their FAQ, that they list IP space controlled by
spam-friendly providers.

>> > Had they made that distinction, they might(*) have gained
>> >some respect and legitimacy.
>>
>> >(*) - A very small probability, like 1:10^64.
>>
>> So why would it be worth doing since it would have essentially no
>> effect?
>
>How do you know?

You're the one who claimed 1e-64. I know that that's a very small
number because I can do arithmetic.

> There may be people who decide to use their list to JUST
>target the spammers and NOT the non-spamming customers happening to exist at
>the same ISP.

Then those people are using the wrong tool. There are people who
decide to use a sledgehammer to JUST crush a mosquito and NOT destroy
the wall it's sitting on; they aren't likely to succeed, either. But
the fault is that of the person who chose the wrong tool, not the
tool.

> Without a distinction between these two classes, such is
>impossible.

So use a different list.

> SPEWS claims that ALL of the IP addresses listed are spam sources

Where do they claim that? Which number answer in their FAQ?

>- and justifies the listing of those IPs that haven't actually spammed

Congratulations! You have just won the Boursey award for
self-contradiction.

> by saying that they WILL (cf. "Early Warning" from its name).

Or at least that they might, or are more likely to than
randomly-chosen other IP addresses.

> I'd like to see their PROOF that each address that isn't currently
>or in the past was spamming will spam.

You'll get that shortly after you provide PROOF that SPEWS says what
you claimed it did.

> [We all know they have none. They prefer to defame these non
>spammers than to tell the truth.]

How is it defamation to claim that, for instance, MCI owns a chunk of
IP space that MCI owns?

>> > However, they don't as any lookup into their information returns a
>> >binary result: Listed or not listed. Tell that to the 98% of
>> >non-spamming IP addresses that are listed.
>> Where did you invent that statistic from?
>It's not an invention. Do a survey of their evidence files and compute it
>yourself.

Where do you get the idea that their evidence files provide all the
evidence they have? It's easy to show that they don't.

>> >Since those parties use SPEWS' resources, it won't be spam.
>> Unsolicited, check. Bulk, check. Email, check. Yes, it's spam.
>So, you say that a resource provider has no right to contact the resource
>consumers about the use of that resource?

That's right.

> Tell that to any judge. The law
>doesn't support your conclusion.

On which planet is there a "The law"?

>If you don't believe that, then get the f--k out of my computer for I have
>never invited you in.

Nor have I entered. You _chose_ to download my public postings, the
same way you might _choose_ to read somebody's web site.

> (You see how stupid that sounds - but that's your
>conclusion I used.)

Apparently you don't understand the difference between push and pull.

>> > The sender and
>> >recipient of the mail have a relationship: resource-provider and
>> >resource-consumer. Only a SPEWS-droid would fail to understand implied
>> >consent.
>> Only a spammer invents implied consent for the provider of a website
>> to send email to anybody who reads anything on the website.
>The law does also.

That's a law written, bought, and paid for by spammers, right?

>> > Apparently, you don't think that a resource provider doesn't have a
>> >right to notify his customers (or other consumer of his services).
>> SPEWS can change its listings or its FAQ any time it wants. That
>> provides all the notification it needs to do.
>I never said that it couldn't. However, you didn't say that it couldn't notify
>the users of its resource if it chose to.

It certainly can, by posting to its web site. It can't by sending
unsolicited bulk email.

>> >> There are always other places to go unless you live in a majorly
>> >> unihabited part of the world that has been left undeveloped, which
>> >> there are places that are like that.
>> >SPEWS-fallacy #2.
>> Yeah, if you can get Internet access you can get to other email
>> providers no matter where you are. That doesn't help your argument
>> any.
>Written by someone who lacks the understanding of "hosting" services.

I understand just how easy it is to set up a colo box.

>> >> Hosting is an easy one. Hosting can be done anywhere and by anybody
>> >> you choose. It is the dialup account which usually controls the IP
>> >> address from where your email comes from that is the big issue.
>> >SPEWS-fallacy #3.
>> My local connection has nothing to do with where my email is emitted.
>Non-sequitur.

Nope; precisely the issue. Since my email isn't limited to coming
from anything having to do with my local connection, I don't have to
care whether my local connection provider is blacklisted or even
blocked.

>> >When was the last time that our favorite SPEWS-droid had to move 100
>> >rack-mounted servers from one facility to another? [Not all hosting is on the
>> >provider's equipment....]
>> Oh, somebody has that many servers and not their own IP space?
>> Anyway, all they _need_ to move is their outgoing mailswerver; who do
>> you claim has 100 rack-mounted servers emitting email?
>Who said that all machines in the collection are mail servers? Not
>I.

So you only have to move one of them.

> So, you would have each of your 100 machines at a different
>facility - each with a different contract.

Me, personally? I'd have them all at one facility; but then, I'd have
done my due diligence (you have heard that term before, haven't you?)
before choosing that facility, so I wouldn't be blocked due to
choosing a spam-friendly hosting facility.

> You had better not be in business for yourself

You have better not be in business for anyone else, your lack of due
diligence would be a serious issue.

> - with that
>attitude, you should be in bankruptcy for lack of any business sense.

Now explain why I'd need 100 facilities, rather than two.

(In fact, I do know one company with over 100 facilities, but they
have several machines at each of them; and they're moderately
successful these days.)

>> >Proof that SPEWS-fallacy #2 is false. Sometimes, there are no alternate
>> >providers for one to go to (especially when demand outstrips supply).
>> That just isn't the case.
>Wrong. It was precisely the case in my locality in 2002, just after a few
>hosting facilities went bankrupt after the 2001 stock-market bubble burst.

So use a hosting facility that isn't so local. You can reach it via
the Internet. You have heard of the Internet, haven't you?

>> >That's why SPEWS-fallacy #2 is a fallacy. SPEWS assumes that there is always
>> >another [non-SPEWS-listed] provider that one can go to.
>> There is. There are lots of anti-spam providers in the world.
>Proven wrong above.

Your locality isn't the world. You have proven nothing, just whined a
lot.

>> >> If they do not term the spammer yes. It is not the rest of the net's
>> >> responsability to accept spam from your provider just so you and 3999
>> >> other customers can send email unobstructed.
>> >Why does our favorite SPEWS-droid feel that it is MY problem to deal with the
>> >spammer that is spamming him?
>> Why do you feel that I should accept email coming from the network of
>> a provider that supports spammers?
>In other words, you don't care how many non-spam emails you deny in order to
>block that one dreaded spam from reaching your mailbox, do you?

It's my mailbox, I get to make the decisions for it. If you don't
like my decisions, you're welcome to (attempt to) contract with me to
change them. I'm sure there's some appropriate fee that would induce
me to accept email from you.

Or don't you understand the concept of private property?

>This must be the case: Seth Breidbart, SPEWS-droid.

Hello, Moris[2].

>> >SPEWS philosophy: The early bird gets WORMED.
>> You're making less sense than usual, which is quite a stretch.
>My play on twisting the words of the fable was quite clear: Those who do
>things CORRECTLY are the ones who get SCREWED.

Correctly means not using spam-friendly providers. Those who do
things correctly get their email through to their desired recipients.

> Those who don't play by the
>rules succeed (to the detriment of others).

Those who choose to support spam-friendly providers often lose. I
think that's a good thing. You're welcome to your own opinion.

> Society has never accepted that
>view and has laws to punish those who do so - criminal law.

Are you claiming that it's a crime for me to block anybody I want to
from my mailbox, for any reason or no reason? Under precisely which
statute?

> Since you are clearly incapable of understanding such an easy
>concept, you must also be a career criminal too.

I suggest you look up the concept of "libel per se".

Seth

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 10.06.2005 03:21:11 von unknown

Post removed (X-No-Archive: yes)

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 10.06.2005 03:55:42 von unknown

Post removed (X-No-Archive: yes)

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 10.06.2005 04:36:52 von Mark Ferguson

On Fri, 10 Jun 2005 01:21:11 GMT, "D. Stussy"
wrote:

>> >But SPEWS also claims to be something that they truly aren't - a spammer list,
>>
>> That is just not true. They are a list of spam supporting providers
>> and not "just a list of IP addresses used for spamming".
>>
>> There is a distinction beteen the two.
>
>That distinction disappears when one reads their drivel further and reads the
>claim that if an address from a listed provider isn't currently spamming, then
>it WILL in the future. They make the assumption that EVERY customer of a
>listed ISP has, is, or will be a spammer. That kills the distinction.

If you say so.

>> >and that's how some people use them - as if they were. It may not be
>> >significant that SPEWS says otherwise in that usage dictates what they truly
>> >are.
>>
>> It is the user's responsability to verify the tool he/she is using is
>> the correct tool for the job. You keep attempting to make it the
>> manufacture's responsability for how their tool is used.
>
>In the context of your analogy, there are plenty of "OTHER manufacturers"
>(other DNSBLs) where their tools aren't MISUSED to deny legitimate (non-spam)
>mail. SPEWS has [or is] a DEFECTIVE tool.

So we agree. It is not SPEWS fault if your email gets blocked it is
the people attempting to protect themselves from the spammers your
provider supports.

>> >> I guess I am not being clear enough or the reader is not capable of
>> >> common sense. I gave it up.
>> >
>> >Definently the former. If anyone had common sense, they would see the
>> >operators of SPEWS for what they truly are - spineless cowards and liars.
>>
>> So like MAPS SPEWS should open themselves up to lawsuits so they can
>> be sued out of exisitance. I am not sure why protecting oneself for
>> their right to offer their opinion is a bad thing or makes them
>> spineless cowards but I am sure you or Moris will enlighten us.
>
>I don't see the other, non-anonymously controlled DNSBLs being sued.

So you missed the lawsuit against MAPS [all three of them] the lawsuit
against anti-spammers accuse of being SPEWS? Why should SPEWS open
themselves up to SLAPP suits?

> SPEWS
>only hides because they know that they are EXCEEDING what the [Internet]
>society permits by custom - exceeding it into defaming the non-spamming
>customers of the affected ISPs.

What hogwash. If that were true then nobdy would use the list they
publish. So you got slapped by SPEWS :-)

>> IMHO it would be the spineless cowards that use the courts to kill
>> SPEWS and has been tried with Spamhaus and MAPS both. When you fail
>> to remember history you are doomed to repeat it.
>
>The laws have since been changed - and these brainless "DMA" supporters now
>know that they are hated.

And SLAPP suit no longer happen, and the world is full of honest
people and nobody steals from others.... What a load.

>SPEWS needs to be killed off. However, I take the opposite position with
>respect to all the other RBLs; they are needed.

And your position means as much as Moris's position to SPEWS and those
that use the list....

>> And as for them being liars I think you are reaching for that as well.
>> The simple truth is that SPEWS created a tool for a legitimate purpose
>> and it is used for that purpose. They make no bones or try and
>> obvuscate the tool's function in any manner.
>>
>> How is this lying?
>
>SPEWS lies in their own FAQ. [That has already been documented in last year's
>posts.]

Not every FAQ is exactly accurate and you know that. Something said
wrong can easily be misinterpreted. You just want something to hang
on SPEWS because you know if tehy were the dirty evil bastards you
clain them to be nobody would use their list.

Instead ths opposite is accurate.

>> >> The actual and very real problem is SPEWS does not have a database of
>> >> email addresses for those that use SPEWS. SPEWS has no way of knowing
>> >> who is using their lists. Who uses a mirror site and no email address
>> >> is logged when the list is accessed.
>> >
>> >The mirrors who implement the SPEWS list as a DNSBL know who has used them.
>> >SPEWS knows who these mirrors are by logging the IP addresses of any who
>> >download their lists off of SPEWS' own website or FTP server. The information
>> >CAN be had; it's possible.
>>
>> Possible != right
>
>Only to the LAZY and those with a REASON TO HIDE.

Only spammer wish to send people email they never requested. Only
spammers create a circumstances within a relationship so they can send
unsolicted email.

>> You ask them to do that which they are fighting against. Then when
>> you told how this is wrong in so many ways you simply ignore the truth
>> and amble towards another half truth cluching it to you as closely as
>> you can.
>
>I didn't ask them to violate their own premises.

Yes you do and you continue to justify it as, "They can do it",
instead of they should do it.

> I asked them to contact their
>userbase about the service they actually provide to those users.

I am sure they have already decided a long time ago that was
innappropriate or they would have implimented some sort of
registration proceedure so they could conteact their users base from
time to time to ask if they know what the SPEWS list consist of.

No, they didn't. Them dirt rotten bastards. They should have known
how you wanted them to run their list ahead of time.

> That
>relationship means that such contact is NOT spam.

In your mind only.

> Only a SPEWS-droid has such
>a convoluted mind so as not to understand such a simple concept.

Only a spam-droid justifies his action that he/she knows to be wrong.

>> Because I use MicroSoft on one machine does not give them the right to
>> approach me to sell me other things they offer.
>
>I didn't say that it did.

Yes, you did.

> However, your example is off base.

As is your pany buncher.

> They would be
>contacting you with regard to their product that you DO use, not another that
>you might or might not.

So you think that MS should be able to ge the email address of htose
that use their OS and send them email until they opt-out.

Good to know where you stand on what you think is spam and what is
A-OK emailing.

>> If I register for these offers then I would expect to recieve them and
>> I would not consider them to be spam.
>>
>> I have a Toyota car, Craftsman tools, a Makita cordless a Sony TV,
>> JVC DVD player, etc.... Because I have these tools does not give the
>> manufacture the right to bombard me at my expense with advertising
>> other tools they make or questionares for their own information.
> ^^^^^
>Non-sequitur. The contact would be with regard to the exact items you DO use.

And your point is what? It is okay to spam me if I have a GE fridge
or a whirlpool washer? You truly are a spam-droid.

>I suppose that since you don't care if the things you use have recall or defect
>notices - because you apparently call those spam too.

I never register my products so I don't get anything from the
manufacture.

Another one ass hat.

Say I bought my GE Range from an appliance store. Do both GE and the
appliance store now have the right to locate my email address and send
me email asking me to go to their websire or try and sell me something
else or would you call a questionare from either of these VIA email
spam?

>> I am trying to be clear with the clues but you will of course simply
>> ingore this one as well if past experience is any indicator or can you
>> provide me a reason why I should be at the manufacture's whim.
>
>You obviously don't understand a thing that has been said, and based on your
>response, you are incapable of understanding any of it. Go away little
>SPEWS-droid.

I understand eveything you have said. I will reiterate.

I have been spanked by SPEWS and my providers is in SPEWS.
If I say SPEWS says I am a spammer maybe somebody will believe me.
If you buy something from somebody they can spam you.
If you buy a product the manufaturer can spam you.
If you use a product the manufaturer can spam you.

Did I miss anything?

Oh, yeah, I am not a spammer.

>> >> >> Apparently, you don't think that a resource provider doesn't have a
>> >> >>right to notify his customers (or other consumer of his services).
>> >> >
>> >> >SPEWS can change its listings or its FAQ any time it wants. That
>> >> >provides all the notification it needs to do.
>> >>
>> >> Personally I don't think the Provider has the right to sell me
>> >> anything they wish, notify me of the things they wish, etc... It was
>> >> not a part of my terms of service and when it is a part of my terms of
>> >> service I will find a reputable provider.
>> >>
>> >> I went through this with MY provider and it was worked out to the
>> >> benifit of all.
>> >
>> >I never suggested that they would have any right to contact you about OTHER
>> >products or services they may offer. My suggestion was in the narrow context
>> >of regarding a product or service that you DO USE on a continuous basis.
>>
>> They do not have that right if I have not given it to them. My use of
>> their service is not what I consider prior consent. Others think it
>> does create a prior relationship and while I agree it does I also will
>> end that business relationship over something I percieve as wrong.
>
>What you think is wrong. Business law doesn't agree with you.

Because a law makes it on the books make it right. Not to long ago
the laws on the books prohibited blacks and women from voting. Before
that you could legally own people, the law said so.

You don't give much energy to thought do you? Or is it critical
thinking...?

>> I do not pay the provider to send me ads or ask me questions about
>> their service. If I have an issue I will send in a note or make a
>> telephone call. There have been issues since moving out of state in
>> dialup and news service. I have worked with my provider to fix these
>> issues because I like my provider because they do nit support spammers
>> and they give good service.
>
>And you're an asshole who would probably try to sue a manufacturer over a
>defective item despite the fact that their letter to you informing you of the
>defect was returned (as refused) before you were damaged as a result of the
>defect. Sorry - that's the way to LOSE a lawsuit.

It is so refereshing to see individuals like you reduced to making
only these types of points.

But, but your mother was uglier then mine.

>> I would end that relationship if part of their requirements of doing
>> business with them included being the recipient of junk email.
>>
>> It is as simple as that.
>
>Mail about a product (or service) you already have isn't necessarily junk mail
>just because they sent it to you without your permission. (e.g defect recall.)

You keep making that claim. It is just as an upturned glass... it
does not hold water.

--
Mark

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 10.06.2005 06:07:27 von unknown

Post removed (X-No-Archive: yes)

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 10.06.2005 23:38:55 von sethb

In article ,
D. Stussy wrote:
>On Tue, 7 Jun 2005, Seth Breidbart wrote:
>> In article ,
>> D. Stussy wrote:
>> >On Fri, 3 Jun 2005, Seth Breidbart wrote:
>> >> In article ,
>> >> D. Stussy wrote:

>> >You didn't make any claim that you list spammers. SPEWS claims that they list
>> >spam sources.
>> Where? I've seen, in their FAQ, that they list IP space controlled by
>> spam-friendly providers.
>...And what part of their name - EARLY WARNING - did you miss?

So you admit they didn't actually make that claim, but you're
interpreting part of their name as being that claim?

> It is their position to list the entire IP space of a provider on
>the grounds that if a particular subspace of the provider's addresses
>hasn't spammed and isn't spamming, it WILL be spamming in the [near]
>future.

Can you list some providers whose entire IP space was listed? They
don't list all of SBC or MCI, for instance (to list two of the most
spammy networks around).

> That classifies the ENTIRE address space as a spam source.

Where do they say that? Oh, right, they don't, you invented it from
the phrase "Early Warning".

> That is SPEWS' sole reason for existence.

What is? Listing the entire network space (which they seldom do) of
spammy providers? Where do they say so? Or is that another invention
of yours, perhaps based on their name?

>What is their proof that these additional address blocks that haven't or aren't
>spamming will ever spam?

Where is the claim that they will ever spam?

> There is no such proof - thus the defamation

There is no such claim, hence no defamation.

> of the character of the ISP's other customers by calling them
>spammers has occurred.

You're the one calling them spammers, SPEWS doesn't. SPEWS calls them
customers of a provider that willingly provides services to spammers.
That doesn't imply that all of the provider's customers are spammers.

Qwest provides phone service to murderers. That doesn't say anything
about _all_ of Qwest's customers, now does it?

>> >> > Had they made that distinction, they might(*) have gained
>> >> >some respect and legitimacy.
>> >> >(*) - A very small probability, like 1:10^64.
>> >> So why would it be worth doing since it would have essentially no
>> >> effect?
>> >How do you know?
>> You're the one who claimed 1e-64. I know that that's a very small
>> number because I can do arithmetic.
>So, are you confirming that the chance that SPEWS could ever be respectful or
>legitimate is so remote as to be negligible?

No. I'm pointing out that your own argument lacks consistency with
your earlier statements.

>> > There may be people who decide to use their list to JUST
>> >target the spammers and NOT the non-spamming customers happening to exist at
>> >the same ISP.
>> Then those people are using the wrong tool. There are people who
>> decide to use a sledgehammer to JUST crush a mosquito and NOT destroy
>> the wall it's sitting on; they aren't likely to succeed, either. But
>> the fault is that of the person who chose the wrong tool, not the
>> tool.
>No kidding. However, there are people who are.

So what?

> They simply see SPEWS among the lists of available DNSBLs (where
>the others list only spammers, or only open relays, etc.) and ASSUME
>that SPEWS is another spammer list.

What about the lists (like blackholes.us) that list all IP addresses
in various countries, or all owned by specific companies, etc.? Or
what about the lists like nofalsenegatives.stopspam.samspade.org?

>> > SPEWS claims that ALL of the IP addresses listed are spam sources
>> Where do they claim that? Which number answer in their FAQ?
>Their PURPOSE statement

Where is that statement? I didn't see it on their website.

> - and the definition of their name says that.

Oh, you mean _your_ definition of their name.

>> >- and justifies the listing of those IPs that haven't actually spammed
>> Congratulations! You have just won the Boursey award for
>> self-contradiction.
>Exactly

Congratulations again. You're the first winner ever to _accept_ the
Boursey award.

> - the contradiction is the proof of the problem. The assumption was
>that ALL the addresses in the ISP's range will spam if they haven't
>already: A conclusion that they cannot prove.

Why should they prove a conclusion that you made up?

>> > by saying that they WILL (cf. "Early Warning" from its name).
>> Or at least that they might, or are more likely to than
>> randomly-chosen other IP addresses.
>"Early warning" requires that the condition that is tested for be true - and
>not a false positive.

So you claim. They don't.

> Legitimate mail sent from those non-previously or not-currently
>spamming addresses are false positives. SPEWS errs by making its
>definition that legitimate mail cannot be sourced from those
>addresses.

SPEWS does not make any such definition. All SPEWS says is that
_some_ system administrators have _chosen_ to deny email (or all
traffic) from those addresses. SPEWS doesn't claim that legitimate
email cannot come from those addresses; in fact, it specifically
indicates that it might.

>> > I'd like to see their PROOF that each address that isn't currently
>> >or in the past was spamming will spam.
>> You'll get that shortly after you provide PROOF that SPEWS says what
>> you claimed it did.
>Just what do you think the "E" and "W" in their name mean then?

East and West? You don't get to interpret their name into a claim and
then say they have to prove your claim. What they say is in their
faq, or elsewhere on their website. Anything else is your invention.

>> > [We all know they have none. They prefer to defame these non
>> >spammers than to tell the truth.]
>> How is it defamation to claim that, for instance, MCI owns a chunk of
>> IP space that MCI owns?
>It is when they (SPEWS) claims that the space is 100% spammer source

Only SPEWS doesn't make any such claim. SPEWS claims that

"SPEWS is a list of areas on the Internet which several system
administrators, ISP postmasters, and other service providers have
assembled and use to deny email and in some cases, all network traffic
from." That's the first paragraph on the front page of their website.

>> >> > However, they don't as any lookup into their information returns a
>> >> >binary result: Listed or not listed. Tell that to the 98% of
>> >> >non-spamming IP addresses that are listed.
>> >> Where did you invent that statistic from?
>> >It's not an invention. Do a survey of their evidence files and compute it
>> >yourself.
>> Where do you get the idea that their evidence files provide all the
>> evidence they have? It's easy to show that they don't.
>So, you're confirming that SPEWS is hiding something?

SPEWS lists spammers based on spam received at their spamtrap
addresses. They don't publish those spamtrap addresses; why should
they? Do you post everything you know, or are you hiding something?

>> >> >Since those parties use SPEWS' resources, it won't be spam.
>> >> Unsolicited, check. Bulk, check. Email, check. Yes, it's spam.
>> >So, you say that a resource provider has no right to contact the resource
>> >consumers about the use of that resource?
>> That's right.
>So much for product recalls and other such stuff..... Even common business
>practices clearly demonstrate the opposite.

Recall notices are not sent via email, are they? There are good
reasons for that.

>> >> Only a spammer invents implied consent for the provider of a website
>> >> to send email to anybody who reads anything on the website.
>> >The law does also.
>> That's a law written, bought, and paid for by spammers, right?
>Wrong. It existed before the use of the term "spam" was coined to describe
>junk electronic mail.

There was a law about providers of websites that early? Which law?

>> >> > Apparently, you don't think that a resource provider doesn't have a
>> >> >right to notify his customers (or other consumer of his services).
>> >> SPEWS can change its listings or its FAQ any time it wants. That
>> >> provides all the notification it needs to do.
>> >I never said that it couldn't. However, you didn't say that it couldn't notify
>> >the users of its resource if it chose to.
>> It certainly can, by posting to its web site. It can't by sending
>> unsolicited bulk email.
>Your proof that it can't contact its resource's users is: _________

Since SPEWS does not have permission, it would be sending Unsolicited
Bulk Email. That's spamming. I've told you that before. Why can't
you understand it?

Oh, and furthermore, SPEWS doesn't even _have_ a list of the email
addresses of its users. That makes notifying them by email even more
difficult.

>> >> Yeah, if you can get Internet access you can get to other email
>> >> providers no matter where you are. That doesn't help your argument
>> >> any.
>> >Written by someone who lacks the understanding of "hosting" services.
>> I understand just how easy it is to set up a colo box.
>Apparently not. I'm not talking about a SINGLE box. Try 20-50 at a time.

You need 20-50 boxes to send email? How much email are you sending?

>> >> >> Hosting is an easy one. Hosting can be done anywhere and by anybody
>> >> >> you choose. It is the dialup account which usually controls the IP
>> >> >> address from where your email comes from that is the big issue.
>> >> >SPEWS-fallacy #3.
>> >> My local connection has nothing to do with where my email is emitted.
>> >Non-sequitur.
>> Nope; precisely the issue. Since my email isn't limited to coming
>> from anything having to do with my local connection, I don't have to
>> care whether my local connection provider is blacklisted or even
>> blocked.
>Wrong.

You are.

> Your e-mail has to be sent somewhere, and since almost everyone BLOCKS
>all dial-up ports (for dial-up providers, those ports not their own), you have
>to send your email through a server (either your personal one or the one your
>ISP provides) as relay. It is the LATTER that would have the address that may
>be listed in an RBL.

Precisely my point. My server is co-located, and can be anywhere in
the world. I don't care who blocks my local connection provider; my
server doesn't, because it's MY SERVER. And since I did due diligence
before choosing a colo provider, its IP address isn't listed in any
blocklist (other than for being in the US, etc.)

>> >> Anyway, all they _need_ to move is their outgoing mailswerver; who do
>> >> you claim has 100 rack-mounted servers emitting email?
>> >Who said that all machines in the collection are mail servers? Not
>> >I.
>> So you only have to move one of them.
>You seemed to miss another point that is very subtile in the use of SPEWS:
>There are some who use the list to block access to WEBSITES and other services
>hosted at any listed IP address. Moving just the mail server may not be
>sufficient.

So you web browse from the servers? OK, relocate two or three of
them: one mailserver, one or two proxies.

>> Me, personally? I'd have them all at one facility; but then, I'd have
>> done my due diligence (you have heard that term before, haven't you?)
>> before choosing that facility, so I wouldn't be blocked due to
>> choosing a spam-friendly hosting facility.
>...And prove to me that you know of EVERY list and EVERY DNSBL that exists on
>the Internet for you to demonstrate that due dilligence was done....

Of course I don't. But I do know how to find the ones that are
important to me.

>The reality is that you can only check those lists you know to exist.

Well, no. There are several websites that automatically check lots of
lists. Some of them check lists I'd never heard of before.

But there's a simpler method: if google never heard of it, it's
unlikely to have enough users for me to care about.

>> >Wrong. It was precisely the case in my locality in 2002, just after a few
>> >hosting facilities went bankrupt after the 2001 stock-market bubble burst.
>> So use a hosting facility that isn't so local. You can reach it via
>> the Internet. You have heard of the Internet, haven't you?
>Not possible when one maintains one's OWN equipment.

Then you have to make some hard decisions. Life is like that. You're
the one who chose to live where you do; if some services aren't easily
available in your location, whose problem do you expect that is?

>> >This must be the case: Seth Breidbart, SPEWS-droid.
>> Hello, Moris[2].
>Who's Moris?

The original version of you.

>> >My play on twisting the words of the fable was quite clear: Those who do
>> >things CORRECTLY are the ones who get SCREWED.
>> Correctly means not using spam-friendly providers. Those who do
>> things correctly get their email through to their desired recipients.
>No. Correctly means not being MISCLASSIFIED as a spammer when one is not.

You're being correctly classified as a customer of a spam-friendly
provider. Deal with it.

>> > Society has never accepted that
>> >view and has laws to punish those who do so - criminal law.
>> Are you claiming that it's a crime for me to block anybody I want to
>> from my mailbox, for any reason or no reason? Under precisely which
>> statute?
>No, I didn't say that. However, it is actionable to defame someone by calling
>them something that they clearly aren't without a reasonable cause. [In this
>thread, I do have reasonable cause, based on your own statements, to call you a
>SPEWS-droid.]

Since that's a meaningless term it doesn't matter. On the other hand,
claiming someone "must be a career criminal" is libel per se. You
lose.

> Anyone who uses SPEWS to block mail from a source listed therein
>which is not the actual spam-source that initiated the listing is
>defaming the non-spamming source by calling them a spammer when they
>aren't.

You can't prove that claim. Someone can use SPEWS to block mail, and
all they are saying is "The emitting IP address is listed in SPEWS."
That doesn't imply that the sender is a spammer. Further, someone
using SPEWS to block email is sending the message (part of the 550)
only to the sender. It is not actionable for me to call you anything
if the only person who hears me is you; in order for any sort of
defamation to be actionable, it must be communicated to a third party.

Seth

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 11.06.2005 01:59:56 von bonomi

In article ,
D. Stussy wrote:
>On Mon, 6 Jun 2005, Mark Ferguson wrote:
>> On Mon, 06 Jun 2005 03:41:48 GMT, "D. Stussy" wrote:
>> >On Sat, 4 Jun 2005, Mark Ferguson wrote:
>> >> On Fri, 3 Jun 2005 23:49:23 +0000 (UTC), sethb@panix.com (Seth
>> >> Breidbart) wrote:
>> >>
>> >> >In article ,
>> >> >D. Stussy wrote:
>> >> >
>> >> >>SPEWS itself is unethical. They fail to make any distinction in
>their list
>> >> >>between the spammers themselves and the rest of the netblocks that those
>> >> >>spammers inhabit.
>> >> >
>> >> >Do they _say_ they make such a distinction?
>> >> >
>> >> >If I ever get around to implementing my NoPrimes dnsbl, will I be
>> >> >unethical because I don't make any distinction between prime number IP
>> >> >addresses that spammers inhabit and prime number IP addresses that
>> >> >spammers don't inhabit? If I say I'm listing prime number, and I do
>> >> >list prime numbers, then I'm not being unethical. Likewise, SPEWS
>> >> >does what it _says_ it does. If it isn't doing what _you want_, that
>> >> >doesn't make it unethical.
>> >>
>> >> I have attempted to explain that SPEWS sets their own criterea for
>> >> listings and if SPEWS deviates from those criterea then SPEWS has
>> >> false positives and would be unethical.
>> >
>> >But SPEWS also claims to be something that they truly aren't - a
>spammer list,
>>
>> That is just not true. They are a list of spam supporting providers
>> and not "just a list of IP addresses used for spamming".
>>
>> There is a distinction beteen the two.
>
>That distinction disappears when one reads their drivel further and reads the
>claim that if an address from a listed provider isn't currently spamming, then
>it WILL in the future. They make the assumption that EVERY customer of a
>listed ISP has, is, or will be a spammer. That kills the distinction.

A lie.

"Spammer-friendly" territory tends to attract more spammers. This is a fact,
not subject to dispute. It has been documented too many times, to need any
discussion.

Territory that _continues_ to allow spammers to live there means that
it *is* _more_likely_ that a 'neighbor' of the previously-identified spammer
will also be a spammer, than will someone at a 'different' address-space.

It is not a statement of certainty, but a statement of probability.

The function of *any* "early warning" system is to sound alarms, and
trigger defensive reactions _before_ the "suspected" event is 'proven'
to have taken place.

When the probability rises above a threshold level, you swat it. Whether
*or*not*, that threshold is at the level of 'certainty'.

>> >and that's how some people use them - as if they were. It may not be
>> >significant that SPEWS says otherwise in that usage dictates what they truly
>> >are.
>>
>> It is the user's responsability to verify the tool he/she is using is
>> the correct tool for the job. You keep attempting to make it the
>> manufacture's responsability for how their tool is used.
>
>In the context of your analogy, there are plenty of "OTHER manufacturers"
>(other DNSBLs) where their tools aren't MISUSED to deny legitimate (non-spam)
>mail. SPEWS has [or is] a DEFECTIVE tool.

Another lie.

"Defective' applies to something that does not function according to the
specifications for _that_ thing.

An automobile is "defective" if judged according to the specifications for
an airplane.

A Morris Mini is "defective" if judged according to the passenger-carrying
specifications of a Cadillac Fleetwood.

A shovel is 'defective' if judges according to the specifications for a hammer.

A "tack hammer" is 'defective', if judged according to the specifications for
a "maul".

People who use a tool, *without* _understanding_what_the_tool_is_and_does_
does, may hae some 'suprises'. This is *NOT* the fault of thetool.

SPEWS may be 'inappropriate' for some -- even 'many' -- uses. I don't think
there is any one that would dispute that.

That does *NO* mean that it is 'defective" in any way. It does _exactly_
what it's producers/maintainers state that it does. No more, no less.

>> >> I guess I am not being clear enough or the reader is not capable of
>> >> common sense. I gave it up.
>> >
>> >Definently the former. If anyone had common sense, they would see the
>> >operators of SPEWS for what they truly are - spineless cowards and liars.
>>
>> So like MAPS SPEWS should open themselves up to lawsuits so they can
>> be sued out of exisitance. I am not sure why protecting oneself for
>> their right to offer their opinion is a bad thing or makes them
>> spineless cowards but I am sure you or Moris will enlighten us.
>
>I don't see the other, non-anonymously controlled DNSBLs being sued.

Open your eyes. Take off your blinders.

Let me point out just a few *documented*FACTS*.

1) MAPS -- the original blocklist service -- was sued _multiple_ times.
not only did they lose a couple of cases, they found that they "couldn't
afford" to keep winning.
2) A non-anonymous blocklist in Australia was sued out of business.
3) A non-anonymous blocklist in California _was_ shut down by the *threat*
of a lawsuit. He couldn't afford to be "right".
4) At one point SPAMHAUS was served with formal 'notice of intent to file'
unless some material was changed. That material _was_ changed.

The fact that you are ignorant of history and reality does not change
that reality.

> SPEWS
>only hides because they know that they are EXCEEDING what the [Internet]
>society permits by custom - exceeding it into defaming the non-spamming
>customers of the affected ISPs.

Pure bullshit.

Before you can be 'defame' someone, you have to say/do things that
*uniquely*or*unambiguously* identify the _specific_ party that is
claiming defamation.

If I were to say that "all are "
you, *just*because* you are a member of , _cannot_ (successfully,
that is) sue me for defamation unless you can show that that remark was
specifically intended to refer to you.

SPEWS actions in listing an IP address (or range) doesn't defame _anybody_.
Not the spammer, not the provider, not anybody else caught up in that they
euphamistically call 'inadvertent blocking'.

The only _possibly_ "defamed" parties, are those _named_ in the various
'supporting material' for why a particular address (or range) is blocked.

[[.. munch ..]]

>> How is this lying?
>
>SPEWS lies in their own FAQ. [That has already been documented in last year's
>posts.]

Stussey lies in his own postings.

SPEWS writes *factually*accurate* statements that are easy to misread, and
*when*mis-read*, lead one to draw erroneous conclusions. Mr. Stussey fell
victim to that, and has never recovered.

>> >> The actual and very real problem is SPEWS does not have a database of
>> >> email addresses for those that use SPEWS. SPEWS has no way of knowing
>> >> who is using their lists. Who uses a mirror site and no email address
>> >> is logged when the list is accessed.
>> >
>> >The mirrors who implement the SPEWS list as a DNSBL know who has used them.
>> >SPEWS knows who these mirrors are by logging the IP addresses of any who
>> >download their lists off of SPEWS' own website or FTP server. The
>information
>> >CAN be had; it's possible.
>>
>> Possible != right
>
>Only to the LAZY and those with a REASON TO HIDE.

"Ignorance in action"

SPEWS _does_not_, in and of itself, have *any* way of telling "who" pulled
the data off SPEWS web-site or FTP server. Have you ever heard of theis
arcane concept called "Dynamic IP addresses?" To find out 'who' was using
that particular IP address at that particular time, one would have to:
(a) file a preliminary legal action, (b) convince a judge that you 'needed'
that information as part of the lawsuit, (c) serve the resultant subpoena
on the ISP, and (d) *hope* that they still had records of who was using that
address at that time. Now, in the case of an 'internet cafe', or a wireless
"hot spot" the odds of their even _having_ -- let alone retaining -- that
information are *not* very good.

>> You ask them to do that which they are fighting against. Then when
>> you told how this is wrong in so many ways you simply ignore the truth
>> and amble towards another half truth cluching it to you as closely as
>> you can.
>
>I didn't ask them to violate their own premises. I asked them to contact their
>userbase about the service they actually provide to those users. That
>relationship means that such contact is NOT spam. Only a SPEWS-droid has such
>a convoluted mind so as not to understand such a simple concept.
>
>> Because I use MicroSoft on one machine does not give them the right to
>> approach me to sell me other things they offer.
>
>I didn't say that it did. However, your example is off base. They would be
>contacting you with regard to their product that you DO use, not another that
>you might or might not.

"Those who do not remember history are doomed to repeat it."

Were you on the net in early 1999?

When MS sent a "free y2k update" notice to _every_ address they had for
people that had so much as asked a support question about their products?

Do you remember what the near-universal reaction to _that_ spamming was?

>> >I never suggested that they would have any right to contact you about OTHER
>> >products or services they may offer. My suggestion was in the narrow context
>> >of regarding a product or service that you DO USE on a continuous basis.
>>
>> They do not have that right if I have not given it to them. My use of
>> their service is not what I consider prior consent. Others think it
>> does create a prior relationship and while I agree it does I also will
>> end that business relationship over something I percieve as wrong.
>
>What you think is wrong. Business law doesn't agree with you.

Actually, what *you* think is wrong. In many jurisdictions, the _right_
of the customer to 'deal anonymously' with the vendor/seller is *expressly*
recognized, and sellers are _required_ to make that mode of transaction
available "whenever possible". That is _statutory_ law, at the national
level.

In case it's not obvious to you, one of the essential elements of being able
to 'deal anonymously' with a seller is that the seller has no knowledge of
the identity of the buyer, and *no*way* to contact them, "should it become
necessary".

Ergo, if the buyer has the right to remain anonymous, the seller has *NO*
right to contact them.

>> I do not pay the provider to send me ads or ask me questions about
>> their service. If I have an issue I will send in a note or make a
>> telephone call. There have been issues since moving out of state in
>> dialup and news service. I have worked with my provider to fix these
>> issues because I like my provider because they do nit support spammers
>> and they give good service.
>
>And you're an asshole who would probably try to sue a manufacturer over a
>defective item despite the fact that their letter to you informing you of the
>defect was returned (as refused) before you were damaged as a result of the
>defect. Sorry - that's the way to LOSE a lawsuit.

Of course, if that mail-piece goes in the wastebasket _unopened_, then no
'constructive notice' has been given, and the manufacturer is *still* on
the hook for full liability resulting from their defect.

Even the returned unopened ("refused") mail does not constitute 'notice',
for purposes of relief of liability. It shows an "effort" was made to
notify of the problem, and would be a viable defense against a "gross
negligence" claim. But it does *NOT* alleviate the manufacturer of the
liability for the original 'defect', nor for claims of "ordinary" negligence.

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 11.06.2005 05:43:57 von Mark Ferguson

On Fri, 10 Jun 2005 23:59:56 -0000, bonomi@host122.r-bonomi.com
(Robert Bonomi) wrote:

>In article ,
>D. Stussy wrote:
>>On Mon, 6 Jun 2005, Mark Ferguson wrote:
>>> On Mon, 06 Jun 2005 03:41:48 GMT, "D. Stussy" wrote:
>>> >On Sat, 4 Jun 2005, Mark Ferguson wrote:
>>> >> On Fri, 3 Jun 2005 23:49:23 +0000 (UTC), sethb@panix.com (Seth
>>> >> Breidbart) wrote:
>>> >>
>>> >> >In article ,
>>> >> >D. Stussy wrote:

Snipped a good post.

His stupidity is to time consuming for me. He continues to post the
same non-points over and over agian without anything to back them up.

--
Mark

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 11.06.2005 15:11:11 von bonomi

In article ,
D. Stussy wrote:
>On Tue, 7 Jun 2005, Seth Breidbart wrote:
>> In article ,
>> D. Stussy wrote:
>> >On Fri, 3 Jun 2005, Seth Breidbart wrote:
>> >> In article ,
>> >> D. Stussy wrote:
>> >> >SPEWS itself is unethical. They fail to make any distinction in
>their list
>> >> >between the spammers themselves and the rest of the netblocks that those
>> >> >spammers inhabit.
>> >>
>> >> Do they _say_ they make such a distinction?
>> >
>> >No, yet they make the claim that their list is to be used for anti-spam
>> >purposes.
>>
>> It is. The purpose of blocking email from spam-friendly networks is
>> an anti-spam purpose.
>>
>> >You didn't make any claim that you list spammers. SPEWS claims that
>> >they list spam sources.
>>
>> Where? I've seen, in their FAQ, that they list IP space controlled by
>> spam-friendly providers.
>
>...And what part of their name - EARLY WARNING - did you miss? It is their
>position to list the entire IP space of a provider on the grounds that if a
>particular subspace of the provider's addresses hasn't spammed and isn't
>spamming, it WILL be spamming in the [near] future.

Correction: Not "will", but "is more likely to".
> That classifies the ENTIRE
>address space as a spam source.

"Not Exactly."

> That is SPEWS' sole reason for existence.

>What is their proof that these additional address blocks that haven't or
>aren't spamming will ever spam?

Who says "proof" is a prerequisite for a _warning_ system?

When the _likelihood_ of the event occurring increases significantly above
the 'background' level, WARNING is entirely justified

It is *WELL*DOCUMENTED* that 'spammer tolerance' attracts other spammers to
the neighborhood. Spammers spend a _lot_ of time telling each other where
'safe' places to buy services are.

> There is no such proof - thus the defamation of the
>character of the ISP's other customers by calling them spammers has occurred.

When the probability of an event occurring from a specific area is higher
than the probability of that event occurring in any arbitrary area, the
issuance of a warning is entirely justified.

*No* defamation of any particular customer has occurred.

The fact that the customer "lives in a bad neighborhood" is sufficient grounds
for the pizza company to refuse to deliver there, *regardless* of the nature
of that particular customer. The customer is not being defamed because the
pizza company won't deliver to _them_.

>> > There may be people who decide to use their list to JUST
>> >target the spammers and NOT the non-spamming customers happening to exist at
>> >the same ISP.
>>
>> Then those people are using the wrong tool. There are people who
>> decide to use a sledgehammer to JUST crush a mosquito and NOT destroy
>> the wall it's sitting on; they aren't likely to succeed, either. But
>> the fault is that of the person who chose the wrong tool, not the
>> tool.
>
>No kidding. However, there are people who are. They simply see SPEWS among
>the lists of available DNSBLs (where the others list only spammers, or only
>open relays, etc.) and ASSUME that SPEWS is another spammer list.

And your point is?

Those who use a tool for something *other* than what it is designed for
are the parties responsible for that mis-use. *NOT* the tool manufacturer.

Is the manufacturer of an ice pick "responsible" because someone uses it
for driving nails?

>> > Without a distinction between these two classes, such is
>> >impossible.
>>
>> So use a different list.
>>
>> > SPEWS claims that ALL of the IP addresses listed are spam sources
>>
>> Where do they claim that? Which number answer in their FAQ?
>
>Their PURPOSE statement - and the definition of their name says that.

BZZZZT. An 'early warning' system, *BY*DEFINITION* signals warnings *before*
events happen. They alert when the _probability_ of the event happening
is 'higher than normal'.

Spammers *DO* flock to 'where they are not unwelcome'. This is *well*
established. Spammers spend lots of time telling each other where such
places are.

The *continued* presence of _one_ spammer is a definite indicator that spammers
ARE 'not unwelcome" in that address-space.

Thus the ongoing presence of a _detected_ spammer *DOES* make for an
increased probability of more spammers in that neighborhood.

This *does* mean that anybody else in that neighborhood is "more likely"
to be a spammer than elsewhere.

When you have identified a location as being that of a "crack" house the
probability g *does* go up that anybody you run into in the vicinity of
that house *is* a crack user.

The same thing applies to 'spammer friendly' neighborhoods.

>> >- and justifies the listing of those IPs that haven't actually spammed
>>
>> Congratulations! You have just won the Boursey award for
>> self-contradiction.
>
>Exactly - the contradiction is the proof of the problem. The assumption was
>that ALL the addresses in the ISP's range will spam if they haven't already: A
>conclusion that they cannot prove.

You lie. The presumption is that "spam is MORE LIKELY to come from those
addresses, than from an equivalent number of addresses from a 'non-spammer-
supporting provider".

FACT: if you have a "small" spammer (sending only 100k spam messages/day)
sitting on one address, and 255 'good' users (sending 50 legitimate emails/day
each), occupying the other addresses in that /24 block, the odds of a 'random'
email received from "somewhere in that block" being spam are roughly 9:10.

>> > by saying that they WILL (cf. "Early Warning" from its name).
>>
>> Or at least that they might, or are more likely to than
>> randomly-chosen other IP addresses.
>
>"Early warning" requires that the condition that is tested for be true - and
>not a false positive.

FALSE. 'Early warning' of a potential earthquake does *NOT* require that the
earthquake actually happen -- mere that circumstance are such that it there
is a 'significantly better than usual' possibility of it happening.

> Legitimate mail sent from those non-previously or
>not-currently spamming addresses are false positives. SPEWS errs by making its
>definition that legitimate mail cannot be sourced from those addresses.

FALSE TO FACT. SPEWS "Early warning" asserts that mail from those addresses
has a _higher_probability_ of being spam than does mail from non-listed
addresses. People who have decided to block on that basis have simply made
the decision that it "isn't worth the trouble" to try to separate out the
good stuff from the bad stuff in _those_ areas.

>> > I'd like to see their PROOF that each address that isn't currently
>> >or in the past was spamming will spam.

Early warning systems do not operate on the basis of "proof". When the
'probability' of the event is sufficiently above 'background noise' levels,
they trigger.

The _ongoing_ prepense of one spammer *does* increase the probabilities that
other spammers will be found in the neighborhood.

>> > [We all know they have none. They prefer to defame these non
>> >spammers than to tell the truth.]
>>
>> How is it defamation to claim that, for instance, MCI owns a chunk of
>> IP space that MCI owns?
>
>It is when they (SPEWS) claims that the space is 100% spammer source without
>proof that each and every address in that space is individually a spammer
>souce. SPEWS makes its claim based on as little as 1% or 2% of the space being
>a confirmed spammer.

You lie. SPEWS makes no such claim.

>> >> >Since those parties use SPEWS' resources, it won't be spam.
>> >> Unsolicited, check. Bulk, check. Email, check. Yes, it's spam.
>> >So, you say that a resource provider has no right to contact the resource
>> >consumers about the use of that resource?
>>
>> That's right.
>
>So much for product recalls and other such stuff..... Even common business
>practices clearly demonstrate the opposite.

So much for your knowledge of international law.

Many countries *require* that customers be able to buy things anonymously.
Which means that the seller has *not*possible*way* to contact the buyer.
The possibility for contact exists *ONLY* if the customer allows it.
This clearly establishes who has the 'rights' in that situation.

>> >> Only a spammer invents implied consent for the provider of a website
>> >> to send email to anybody who reads anything on the website.
>> >The law does also.
>>
>> That's a law written, bought, and paid for by spammers, right?
>
>Wrong. It existed before the use of the term "spam" was coined to describe
>junk electronic mail.

>> >> > Apparently, you don't think that a resource provider doesn't have a
>> >> >right to notify his customers (or other consumer of his services).
>> >> SPEWS can change its listings or its FAQ any time it wants. That
>> >> provides all the notification it needs to do.
>> >I never said that it couldn't. However, you didn't say that it
>couldn't notify
>> >the users of its resource if it chose to.
>>
>> It certainly can, by posting to its web site. It can't by sending
>> unsolicited bulk email.
>
>Your proof that it can't contact its resource's users is: _________

Laws in a number of countries *requiring* that the consumer have the choice
to do business *anonymously*. For starters, most of the former British
Empire, most of the European Union, and others.

>> >> >> There are always other places to go unless you live in a majorly
>> >> >> unihabited part of the world that has been left undeveloped, which
>> >> >> there are places that are like that.
>> >> >SPEWS-fallacy #2.
>> >> Yeah, if you can get Internet access you can get to other email
>> >> providers no matter where you are. That doesn't help your argument
>> >> any.
>> >Written by someone who lacks the understanding of "hosting" services.
>>
>> I understand just how easy it is to set up a colo box.
>
>Apparently not. I'm not talking about a SINGLE box. Try 20-50 at a time.

*ONE* phone call. 5 minutes. and a checkbook. that's *all* it takes.

>> >> >> Hosting is an easy one. Hosting can be done anywhere and by anybody
>> >> >> you choose. It is the dialup account which usually controls the IP
>> >> >> address from where your email comes from that is the big issue.
>> >> >SPEWS-fallacy #3.
>> >> My local connection has nothing to do with where my email is emitted.
>> >Non-sequitur.
>>
>> Nope; precisely the issue. Since my email isn't limited to coming
>> from anything having to do with my local connection, I don't have to
>> care whether my local connection provider is blacklisted or even
>> blocked.
>
>Wrong. Your e-mail has to be sent somewhere, and since almost everyone BLOCKS
>all dial-up ports (for dial-up providers, those ports not their own), you have
>to send your email through a server (either your personal one or the one your
>ISP provides) as relay. It is the LATTER that would have the address that may
>be listed in an RBL.

You are either ignorant, stupid, or deliberately lying.

If as you seem to be claiming, _all_ dial-up ports were blocked by everybody,
a dial-up connection wouldn't be usable by anybody for anything.

Since that is "obviously" not the case, your entire claim falls flat.

If you want to claim that just the 'standard unauthenticated mailserver port'
is generally blocked from being accessed by dial-up ports, that comes somewhat
closer to reality.

Of course, when expressed *that* way, it becomes clear that one does *NOT*
have to use 'your personal server, or the one your ISP provides' as a relay.
You can use *any* appropriately configured server, _anywhere_, that you can
communicate with over ANY non-blocked port. e.g. a server, anywhere, that
you can talk to via the 'standard *authenticated* mailserver access port',
or a server that you can talk to via a SSL tunnel, with 'port forwarding'.

These things work *regardless* of whether your local IP address, or the
IP address of your ISP's server are listed in SPEWS.

Either you are ignorant of how things can be configured, too stupid to
understand what alternatives are possible, or you are deliberately mis-
representation the situation. I _don't_ think you are stupid. I cannot
evaluate the probabilities on the other alternatives.

>> >> >Proof that SPEWS-fallacy #2 is false. Sometimes, there are no alternate
>> >> >providers for one to go to (especially when demand outstrips supply).
>> >> That just isn't the case.
>> >Wrong. It was precisely the case in my locality in 2002, just after a few
>> >hosting facilities went bankrupt after the 2001 stock-market bubble burst.
>>
>> So use a hosting facility that isn't so local. You can reach it via
>> the Internet. You have heard of the Internet, haven't you?
>
>Not possible when one maintains one's OWN equipment. (You should already know
>this; it's been posted before).

Of course, it *IS* possible. It just "costs more" -- in terms of 'down time',
and travel time when there is a problem, or in 'payroll', to have somebody
local to the equipment.

The fact that you are "not willing" to pay the price to do it, does not mean
that it is "not possible".

>> > Society has never accepted that
>> >view and has laws to punish those who do so - criminal law.
>>
>> Are you claiming that it's a crime for me to block anybody I want to
>> from my mailbox, for any reason or no reason? Under precisely which
>> statute?
>
>No, I didn't say that. However, it is actionable to defame someone by calling
>them something that they clearly aren't without a reasonable cause. [In this
>thread, I do have reasonable cause, based on your own statements, to call you a
>SPEWS-droid.] Anyone who uses SPEWS to block mail from a source listed therein
>which is not the actual spam-source that initiated the listing is defaming the
>non-spamming source by calling them a spammer when they aren't.

I hereby accuse _you_ of lying. *Deliberately*, intentionally, and "with
intent to defame".

Blocking mail from _any_ source, for any reason, is not saying that the
sender of that mail *is* a spammer; it is merely a statement that the
receiver (be it the host system, or the end user) is unwilling to spend the
time/trouble/effort to determine what the classification of that message
actually is.

The pizza delivery place has been ripped off too many times, making
deliveries into a particular neighborhood, so thy don't deliver to *ANY*
address in that neighborhood any more. That is *not* saying that everyone
who orders a pizza from that neighborhood is a thief. The fact that they
will not deliver to your house does *NOT* mean that they are calling _you_
a thief. If they ask the Chinese food place next door what neighborhoods
*they* refuse to deliver to, and chose to also 'not deliver' to those
neighborhoods, There is *NO* defamation of any resident of those areas by
either company.

You on thew other hand _have_ defamed each and every mailserver operator
that uses SPEWS by publicly claiming that all those 'identifiable persons'
have committed an actionable tort, when, in fact, they have done no such thing.

The 'good news' is that your credibility is such that it would be difficult
to show any actual 'harm' done by that defamation.

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 13.06.2005 01:12:12 von unknown

Post removed (X-No-Archive: yes)

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 13.06.2005 01:59:47 von unknown

Post removed (X-No-Archive: yes)

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 13.06.2005 02:05:47 von unknown

Post removed (X-No-Archive: yes)

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 13.06.2005 03:10:38 von unknown

Post removed (X-No-Archive: yes)

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 13.06.2005 04:05:55 von Mark Ferguson

On Mon, 13 Jun 2005 00:05:47 GMT, "D. Stussy"
wrote:

>On Fri, 10 Jun 2005, Mark Ferguson wrote:
>> On Fri, 10 Jun 2005 23:59:56 -0000, bonomi@host122.r-bonomi.com
>> (Robert Bonomi) wrote:
>>
>> >In article ,
>> >D. Stussy wrote:
>> >>On Mon, 6 Jun 2005, Mark Ferguson wrote:
>> >>> On Mon, 06 Jun 2005 03:41:48 GMT, "D. Stussy" wrote:
>> >>> >On Sat, 4 Jun 2005, Mark Ferguson wrote:
>> >>> >> On Fri, 3 Jun 2005 23:49:23 +0000 (UTC), sethb@panix.com (Seth
>> >>> >> Breidbart) wrote:
>> >>> >>
>> >>> >> >In article ,
>> >>> >> >D. Stussy wrote:
>>
>> Snipped a good post.
>>
>> His stupidity is to time consuming for me. He continues to post the
>> same non-points over and over again without anything to back them up.
>
>I don't have to back up statements made by others when you know the source of
>those statements. Have SPEWS explain it to you.

I have no more time for:

SPEWS should spam their users.

GE, MS, etc... have the right to spam you if you own one of their
products.

Any store you have bought anything from has the right to spam you.

Did I miss anybody you think can spam me without my consent and
against my expressed will?

You explain this away with a re-existing relationship but fail to take
the lack of consent into consideration. I have given nobody my email
address, I have not registered any product I have ever purchased, I do
not use mail in rebates under any condition.

You fail to answer how these businesses would have gotten my email
address.

You fail on so many things and fail to offer a reasonable reason as to
why simply because I own a car, Toyota and Acura can now spam me.

You need to actually present a reason as to why I should make myself
available to these manufacturers, stores, etc... simply because I have
done business with them.

One, I did not see any contract for anything I purchased that required
contact or follow-up with any of these businesses or manufacturers.
If there had been any such requirement, not legally binding in any
fashion, I would have told them to go piss up a rope and took my money
some place else.

Present coherent reasons as your reason are without merit so far.
They are fed by your hatred for SPEWS rather then a valid reason as to
what constitutes a prior relationship. You further attempt to muddle
the issue with use of relationship by trying to define a business
relationship that does not exist as a family based relationship. then
you try and say because the family member sent you something not
expected it is spam.

This is an intentional attempt to obfuscate the term "Prior
Relationship" for your own purposes. Your attempt to obfuscate does
in no way change the fact that a business does not share either the
right to free speech the individual does nor do businesses share the
relationship a family member does.

This leads me to conclude you are a troll or your hatred for SPEWS
dictates your behavior. Until you make points with merit instead of
points based entirely on your anger and hatred of SPEWS I have no more
time.

--
Mark

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 13.06.2005 06:22:08 von unknown

Post removed (X-No-Archive: yes)

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 13.06.2005 10:49:07 von bonomi

In article ,
D. Stussy wrote:
>On Sat, 11 Jun 2005, Robert Bonomi wrote:
>> *No* defamation of any particular customer has occurred.
>
>The defamation occurs by not distinguishing the spammers from the non-spammers.
>The only result returned by many implementations of their data is "listed" or
>"not listed."

a) You clearly don't know what the word defamation means, in regard to tort law.

b) 'Listed' does *NOT* mean 'spammer'. "listed" means "address-space we (the
SPARTICUS group) do not accept mail from". Nothing more. Spelled out
very succinctly in the FAQ - Q&A 1.

>As I said last year and recently repeated,

As if *you* make the rules. Bwaaahahaha!

>> The fact that the customer "lives in a bad neighborhood" is sufficient grounds
>> for the pizza company to refuse to deliver there, *regardless* of the nature
>> of that particular customer. The customer is not being defamed because the
>> pizza company won't deliver to _them_.
>
>A bad neighborhood - because only 1% of the population is bad? Get real.

I am. I've *been* there. Personally. Ask a pizza delivery company what the
_minimum_ is that it takes to get a neighborhood on the "won't take orders
from there" list. 4 or 5 problems is enough to get several _thousand_
potential customers blacklisted that way. That's around ZERO POINT ONE
per-cent. (0.1%, a full order of magnitude lower than what you think is
'unreal' You sir, in the words of the old Middle-Eastern proverb "knoweth
not, and _knoweth_not_ that he knoweth not"; worse, you seem proud of that
fact.)

I lived on the edge of such a territory, once upon a time. a block or two
over, and virtually _nobody_ would deliver -- to my building, "some would,
some wouldn't".

>> >> > There may be people who decide to use their list to JUST
>> >> >target the spammers and NOT the non-spamming customers happening
>> >> >to exist at the same ISP.
>> >>
>> >> Then those people are using the wrong tool. There are people who
>> >> decide to use a sledgehammer to JUST crush a mosquito and NOT destroy
>> >> the wall it's sitting on; they aren't likely to succeed, either. But
>> >> the fault is that of the person who chose the wrong tool, not the
>> >> tool.
>> >
>> >No kidding. However, there are people who are. They simply see SPEWS among
>> >the lists of available DNSBLs (where the others list only spammers, or only
>> >open relays, etc.) and ASSUME that SPEWS is another spammer list.
>>
>> Those who use a tool for something *other* than what it is designed for
>> are the parties responsible for that mis-use. *NOT* the tool manufacturer.
>>
>> Is the manufacturer of an ice pick "responsible" because someone uses it
>> for driving nails?
>>
>> >> > Without a distinction between these two classes, such is
>> >> >impossible.
>> >>
>> >> So use a different list.
>> >>
>> >> > SPEWS claims that ALL of the IP addresses listed are spam sources
>> >>
>> >> Where do they claim that? Which number answer in their FAQ?
>> >
>> >Their PURPOSE statement - and the definition of their name says that.
>>
>> BZZZZT. An 'early warning' system, *BY*DEFINITION* signals warnings *before*
>> events happen. They alert when the _probability_ of the event happening
>> is 'higher than normal'.
>
>Quite strange that the word "probability" does NOT appear in their
>self-description....

Quite strange that _your_ words, that every address in a blocked range
"*WILL* spam", does NOT occur in their self-description....

Quite *laughable* that someone could think that a system that gives warnings
*before* an event happens could work on _any_other_ basis.

Congratulations!

You've invented a new type of logical fallacy -- "early warning" systems must,
according to you, use "Propter Hoc, ergo Pre hoc" to validate their warnings.

> What they say is that they don't like the time lag
>between a spammer starting a spam run and the time it takes to list the spammer
>in a database - so they will list these spammers [sometimes even] BEFORE they
>spam (paraphrase of the third paragraph from SPEWS' home page). Therefore,
>what SPEWS lists are spammers and spam operations. One doesn't even find out
>that "spam operations" means the spammers' providers until one carefully reads
>the FAQ at Q&A 5 - and that's not even clear as it says that the netblocks were
>set up by known spammers - that is, an ENTIRE netblock listed is a spam source,
>even if it hasn't spammed yet. The FAQ doesn't actually say that the provider
>(ISP) hosting a [non-terminated] spammer is a "spam operation" until FAQ Q&A 6.
>This is counterintuitive to the common definition of what most people consider
>a spammer. FAQ Q&A 21 states that a "level 1 listing" is of netblocks that
>have "few or no legitimate customers." That's effectively calling EVERY
>address in those netblocks spammers.

You lie. You admit the information _IS_THERE_. Not as clearly as you desire;
Not as prominently as you desire, perhaps, buy you did admit that it *is*
there.

You can't even *quote* published data without maliciously distorting it.

The SPEWS FAQ "Q&A 21" does *NOT* say that listed blocks "have" (your word)
few or no legitimate customers, but blocks where few or no such customers
have been DETECTED. Whether or not you choose to admit it, there is a
significant difference between those two words.

If you read the FAQ Q&A1, it should be obvious that the SPARTICUS group has
access to fairly extensive "means" for 'detecting' legitimate e-mail senders
in any particular address-space.

The people/addresses that _do_not_ send e-mail directly from that address-
space are *not* part of the equation. Even by _your_ standards SPEWS never
'defames' any of _those_ people, because *NOBODY*EVER*ASKS* for an opinion
about those addresses. Since no opinion is ever offered, _regardless_ of
whether an expressed opinion _might_ be considered defamatory, The absence
of the expression of that opinion means that no *possible* defamation occurred.

>BTW, since legitimate senders don't spam, and SPEWS claims that they can detect
>legitimate senders (a necessary implication of FAQ Q&A 21), just HOW do they
>detect these legitimate senders if none of them ever sends any e-mail to anyone
>affiliated with SPEWS?

Do you know what the word 'detect' means? And what that requires, above and
beyond that it 'exist'?

Do you understand the difference between "not detected", and "not existent"?

Do you suppose it possible that an ISP postmaster might have an arcane object
known as a "log", that records addresses of the systems that send mail to
his customers?

And, _who says_ that nobody ever sends any email to anyone affiliated with
SPEWS? The FAQ Q&A1 makes it quite clear that 'at least some' of the
SPARTICUS group deal with incoming e-mail as a regular part of their daily
work.

Purely as a hypothetical, say that one of the SPARTICUS group was employed by
a _large_ mail-hosting operation -- "AOL" for instance, or "bluewin", or
"British Telecom", or maybe "outblaze", as a mail-admin, Do you suppose,
that in that scenario, they just _might_ have a d*mn good idea where most of
the active mail-servers in the entire _world_ are? Based simply on the
records of where 'legitimate' mail inbound to their system comes from?

You don't understand what you read; you make up interpretations not actually
supported by the facts, and claim they are gospel written _by_ SPEWS.

> Since they list [some] blocks with as little as 2
>spammers consuming 0.4% of the netblock's address range (e.g. /18), what is
>their proof that the remaining 99.6% of that block has "few or no legitimate
>customers?"

Could it be that they *do* have access to information that _you_ do not?

Who are *you* to demand that they show you everything that _they_ know?

Review the reason for the construction of the system. For them, collectively,
to protect _their_ systems. They owe _no_one_ any explanations of why they
do what they do, in the protection of *their* systems.

> To me, logically it would seem that there is a non-spammer
>population in the block that is a clear majority (hardly the "few or no[ne]"
>standard) wouldn't even be detectable by SPEWS. However, in order to claim
>that these non-spammers don't (or rarely exist), SPEWS either has to have a
>method of detecting them - OR has clearly lied about their non-spammer status
>by calling them additional spammers. [DNS entries aren't enough - as that
>doesn't distinguish between spammers and non-spammers.]
>
>> Spammers *DO* flock to 'where they are not unwelcome'. This is *well*
>> established. Spammers spend lots of time telling each other where such
>> places are.
>
>As I am not a spammer, I cannot confirm nor deny this. Apparently, you can....

You are thus proving that you are "ignorant", as well as "stupid".

There is published record in NANAE showing messages captured from spammer
bulletin-boards/web-sites demonstrating _exactly_ that.

Many times over. over a period going back years. See the "DHS Club" history
and "bulkbarn" references, just to name a couple.

Your lack of knowledge of historical events is duly noted.

>> The *continued* presence of _one_ spammer is a definite indicator that
>spammers
>> ARE 'not unwelcome" in that address-space.
>
>Not necessarily. It could be that everyone assumed that everyone else has
>already reported them, so no one does. ("Starvation")

Which is why I said "indicator" not "proof". "Proof" it is not, for the very
reason you point out. "Indicator" it *is*.

Networks where spammers are truly 'NOT welcome" tend to run various kinds of
instrumentation for monitoring and logging 'suspicious' activity. Spam
_origination_ -- on anything beyond the most trivial scale -- tends to have
*very* distinctive 'signatures', ones that are easily recognizable. A
relatively small amount of additional analysis, and there is enough info
"in hand" to justify 'pulling the plug'. *WITHOUT* need for _any_ 'external'
reports.

Networks that do _not_ do such things, fall into the category of 'networks
where spammers are "not unwelcome"'.

>> Thus the ongoing presence of a _detected_ spammer *DOES* make for an
>> increased probability of more spammers in that neighborhood.
>
>So you say. The ongoing presence can equally prove the "starvation" case I
>just cited above. You need some independent evidence to distinguish these two
>cases.

FALSE claim.

The continuing presence is _not_ proof that the network _is_ spammer-friendly.
It IS proof, however, that the network is *not* _actively_ spammer-UNFRIENDLY.
An _actively_ spammer-unfriendly network runs systems that can detect a
significant spam-run, set off alarms, =and= provide sufficient data for
'action', *without* the need for any 'external origin' reports.
The continued presence of the confirmed spammer establishes _without_doubt_
that the provider is *not* running such systems and/or is not acting on alerts
from those systems.

>> This *does* mean that anybody else in that neighborhood is "more likely"
>> to be a spammer than elsewhere.
>
>Only if it can be proven that the provider was contacted and did nothing -
>after REPEATED contacts from various people.

Again, FALSE TO FACT.

"Proof" is _not_ required. But, if you want to split hairs on that point,
The actual presence of a single spammer *IS* _proof_ that the provider did
not exercise "sufficient" due diligence in checking out the customer before
accepting their business.

the continued presence of the spammer is proof that the network is not running
(or not acting on alerts from) active spammer-detection tools.

Network operators are fully capable of gathering sufficient data for 'action'
without _any_ external origin reports.

>> When you have identified a location as being that of a "crack" house the
>> probability g *does* go up that anybody you run into in the vicinity of
>> that house *is* a crack user.
>
>But that does not mean that EVERYONE one runs into is a crack user. The
>analogy that SPEWS is using is that everyone IS, not that there's a higher
>probability of encountering one.

Strange, I cannot find those words "everyone IS" on their website, anywhere.

What you claim is nothing more than your "interpretation" of what their
intentions are. Unless you _are_ SPEWS, you don't know what SPEWS' intentions
_really_ are.

SPEWS asserts nothing more than "it's not worth the trouble of making a more
detailed determination -- the odds are 'unacceptably high' that this message
is spam."

>> The same thing applies to 'spammer friendly' neighborhoods.
>
>No dispute there.

You now agree that 'someone in a spammer-friendly neighborhood *is* more
likely to be a spammer'.

>> >> >- and justifies the listing of those IPs that haven't actually spammed
>> >>
>> >> Congratulations! You have just won the Boursey award for
>> >> self-contradiction.
>> >
>> >Exactly - the contradiction is the proof of the problem. The assumption was
>> >that ALL the addresses in the ISP's range will spam if they haven't
>> >already: A conclusion that they cannot prove.
>>
>> You lie. The presumption is that "spam is MORE LIKELY to come from those
>> addresses, than from an equivalent number of addresses from a 'non-spammer-
>> supporting provider".
>
>Wrong: Nothing in SPEWS' web site discusses probabilities.

NOTHING in SPEWS' web-site says that _all_ the listed addresses WILL spam,
as you claim it does.

Anyone with any understanding of "early warning" systems -- systems that alert
*before* an event happens -- would be aware that such systems *must* work
on probabilities; The 'fact' of the event that they are alerting about has
_not_ happened yet, and -- absent the dissolving of some of Dr Asimov's famed
"thiotimoline" -- there is simply *no*other*possible*way* for such for such
systems to operate.

It truly _is_ "so obvious" a matter that no explanation of that fact should
be required.

>> FACT: if you have a "small" spammer (sending only 100k spam messages/day)
>> sitting on one address, and 255 'good' users (sending 50 legitimate emails/day
>> each), occupying the other addresses in that /24 block, the odds of a 'random'
>> email received from "somewhere in that block" being spam are roughly 9:10.
>
>However, in that case, SPEWS should list the SINGLE spammer address and NOT
>LIST the /24 netblock which includes MANY non-spamming addresses (quite far
>from the "few or no[ne]" standard SPEWS claims it applies).

Why? Serious question, _why_ should they do that? If the probabilities
are 80% (or better) that _any_ message from that /24 is spam, WHAT IS WRONG
with declaring "it is too much trouble to try to sort out the good stuff from
the bad stuff, so I'm going to reject _all_ of it"?

> However, SPEWS'
>practice is contrary to this - and we know it from their own evidence files.
>We know that SPEWS would include the entire /24, claiming that there are ONLY
>spammers there, completely ignoring that by IP, the spammer population by
>percentage is only 0.391% (rounded) - because SPEWS has no practical way of
>detecting the other 255 "good users" [i.e. non-spammers].

You assert a right to dictate how SPEWS _should_ operate -- WHAT GIVES *YOU*
THAT RIGHT?

SPEWS does not operate according to _your_ principles of "rightness", fine.
That is good reason for _you_ to *not*use*it*.

When you start trying to impose YOUR idea of 'rightness' on others -- be
that 'other' SPEWS itself, or or just those who use SPEWS -- you overstep
yourself.

> That is morally
>wrong and use of such an entry effectively defames these 255 good users.

You continue demonstrate utter ignorance of the _facts_ of defamation.
You are advised to exercise care -- publicly accusing others of committing
defamatory acts, when there is no actual defamation in those acts *IS*
actionable defamation, in and of itself.

If they aren't sending mail from those addresses, then nobody ever *ASKS*
SPEWS for an opinion, and no defamation is _possible_.

The "pseudo defamation" you assert occurs, is entirely a figment of *your*
imagination.

You "impute" a meaning to the question/response that is "not supported by
the facts". And then assert that your imputed meaning is defamatory.

The SPEWS FAQ Q&A1 very precisely and succinctly states what SPEWS *is*.
Any assertation that it is anything _more_ than that is nothing more than
_unfounded_speculation_ by the party making the assertation.

A query of the SPEWS database is nothing more than "is this address listed
in the database?" and the answer is nothing more than "yes/no".
A 'yes' answer means *NOTHING*MORE* than "that address is in an area on the
Internet that several system administrators, ISP postmasters, and other
service providers have chosen to deny email and in some cases, other network
traffic, from."

Given that that group of "several system administrators, ISP postmasters, and
other service providers" *do*, in fact, use that database to protect their
own systems, then the query is a request for _factual_ data, and the response
is _nothing_more_ than an accurate response is a merely a "true fact". In
the jurisdiction where you live, "truth" is, _almost_invariably_, a *complete*
defense against a claim of defamation.

>> >> > by saying that they WILL (cf. "Early Warning" from its name).
>> >>
>> >> Or at least that they might, or are more likely to than
>> >> randomly-chosen other IP addresses.
>> >
>> >"Early warning" requires that the condition that is tested for be true - and
>> >not a false positive.
>>
>> FALSE. 'Early warning' of a potential earthquake does *NOT* require that the
>> earthquake actually happen -- mere that circumstance are such that it there
>> is a 'significantly better than usual' possibility of it happening.
>
>Again, you bring up the missing concept from the SPEWS web site: Probability.

Again you demonstrate utter ignorance of the basic principle underlying
*any* functional 'early warning' system.

It is so *fundamental*, so basic, a principle in the design of early warning
systems that there is no need to discuss it. It is, as you have pointed out
*right*there* in the _name_ of the system.

>> > Legitimate mail sent from those non-previously or
>> >not-currently spamming addresses are false positives. SPEWS errs by
>making its
>> >definition that legitimate mail cannot be sourced from those addresses.
>>
>> FALSE TO FACT. SPEWS "Early warning" asserts that mail from those addresses
>> has a _higher_probability_ of being spam than does mail from non-listed
>> addresses. People who have decided to block on that basis have simply made
>> the decision that it "isn't worth the trouble" to try to separate out the
>> good stuff from the bad stuff in _those_ areas.
>
>In SPEWS' view, it may very well have a higher probability of being - but that
>does not mean that it actually is. Furthermore, on a per-address basis for
>your /24 example above with 1 spammer and 255 non-spammers, the probability for
>any mail from that netblock being spam is still 0.391% spam and 99.609%
>NON-SPAM should the entire netblock be listed. Remember that quantity doesn't
>matter as the only criterion checked is the source IP address.

Are you really _that_ ignorant of basic statistics?

There are 100,000 spam messages flowing from 1 address, and 50 non-spam
messages flowing from each of 255 other addresses ("non-spam" total 12,750)

This means that there are a grand total of 112,750 messages/day flowing
out of that netblock.

For the sake of simplicity, postulate that they go to 112,750 different
users, at 112,750 different places.

This means that there are 112,750 _separate_ spam-detection tests done.
88.7% of those tests come up 'spam positive'.

11.3% of those tests come up 'spam negative'.

88.7% of _all_ the mail out of that block tests "spam positive'.

Thus the probability of _any_given_message_ from "somewhere" (exact location
unknown/unspecified) in that address-space returning 'spam positive' is 88.7%

You under-state the probability of any given message from that space as
being 'spam', by a factor of more than 226:1.

Note: in the 'real world', there are more likely to only a handful of
users in that netblock that send outgoing mail directly from those addresses.
Postulate that there are 10 such (probably a high estimate). You now have
only 500 'legitimate' emails, to go with the 100,000 pieces of spam ones.
100,000 spam/100,500 total gives a probability of 99.5025% that any given
message out of 'anywhere' in that netblock will be 'spam positive', and a
whopping 0.4975% that it will be 'spam negative'.

>> >> > I'd like to see their PROOF that each address that isn't currently
>> >> >or in the past was spamming will spam.
>>
>> Early warning systems do not operate on the basis of "proof". When the
>> 'probability' of the event is sufficiently above 'background noise' levels,
>> they trigger.
>
>Again, that concept that they fail to mention: Probability.

Again, demonstrating utter ignorance of the meaning of the name of the system.
It is *INTRINSIC* in the nature of _ANY_ "early warning" system.

>> The _ongoing_ prepense of one spammer *does* increase the probabilities that
>> other spammers will be found in the neighborhood.
>>
>> >> > [We all know they have none. They prefer to defame these non
>> >> >spammers than to tell the truth.]
>> >>
>> >> How is it defamation to claim that, for instance, MCI owns a chunk of
>> >> IP space that MCI owns?
>> >
>> >It is when they (SPEWS) claims that the space is 100% spammer source without
>> >proof that each and every address in that space is individually a spammer
>> >souce. SPEWS makes its claim based on as little as 1% or 2% of the
>space being
>> >a confirmed spammer.
>>
>> You lie. SPEWS makes no such claim.
>
>Yes, it does - when it says "few to no legitimate users detected."

You continue to lie.

Or you have no clue as to what the word "detected" actually means.

The quoted statement makes *NO* CLAIM WHATSOEVER about any user for whom no
activity was detected.

Just incidentally, if 'detection' did show 'a few' legitimate users,
your assertation that SPEWS claims that the space is 100% spammer space
would be remain a total fabrication, and defamatory misrepresentation.,

How many times have you seen *more*than*one* customer show up here, with
complaints about the _same_ address-block? (in the entire life-span of
nanae, I can recall only two cases, and in each case it was only two
customers. I have -never- seen three 'unique' complaints about the same
address-block)

How many times does one see "I'm blocked by SPEWS" postings that do _not_
start out with something similar to "I just got these addresses from my new
ISP and...."?

Those pieces of data, while not conclusive, *do* tend to suggest that SPEWS
does do a fairly good job of "limiting' the number of legitimate users
in the listed blocks, *when* they list them.

>> >> >> >Since those parties use SPEWS' resources, it won't be spam.
>> >> >> Unsolicited, check. Bulk, check. Email, check. Yes, it's spam.
>> >> >So, you say that a resource provider has no right to contact the resource
>> >> >consumers about the use of that resource?
>> >>
>> >> That's right.
>> >
>> >So much for product recalls and other such stuff..... Even common business
>> >practices clearly demonstrate the opposite.
>>
>> So much for your knowledge of international law.
>>
>> Many countries *require* that customers be able to buy things anonymously.
>> Which means that the seller has *not*possible*way* to contact the buyer.
>> The possibility for contact exists *ONLY* if the customer allows it.
>> This clearly establishes who has the 'rights' in that situation.
>
>Obviously, the purchasers didn't remain anonymous if the seller can identify
>them by repeated visits to the seller's premises.... That was the customer's
>choice - to repeatedly visit. [Your standard doesn't apply.]

You are an ignoramus. The seller is expressly _not_allowed _to retain any
identifying information that would _let_ them identify them as repeat
customers on 'repeated visits'. Unless the customer _permits_ it, the
merchant must act as if they had "never seen that customer before", even if
he's been coming into that shop every day for 10 years.

>> >> >> > Apparently, you don't think that a resource provider doesn't have a
>> >> >> >right to notify his customers (or other consumer of his services).
>> >> >> SPEWS can change its listings or its FAQ any time it wants. That
>> >> >> provides all the notification it needs to do.
>> >> >I never said that it couldn't. However, you didn't say that it
>> >couldn't notify
>> >> >the users of its resource if it chose to.
>> >>
>> >> It certainly can, by posting to its web site. It can't by sending
>> >> unsolicited bulk email.
>> >
>> >Your proof that it can't contact its resource's users is: _________
>>
>> Laws in a number of countries *requiring* that the consumer have the choice
>> to do business *anonymously*. For starters, most of the former British
>> Empire, most of the European Union, and others.
>
>Sorry - I'm not there.

Yet you know enough about where SPEWS is to assert what they _can_ do under
the laws where _they_ are, don't you?

Don't assert that _YOUR_ law applies elsewhere. It *doesn't*.

If you're going to assert "your law" applies to SPEWS, first you better show
_proof_ that SPEWS is _within_ the jurisdiction of "your laws".

>> >> >> >> There are always other places to go unless you live in a majorly
>> >> >> >> unihabited part of the world that has been left undeveloped, which
>> >> >> >> there are places that are like that.
>> >> >> >SPEWS-fallacy #2.
>> >> >> Yeah, if you can get Internet access you can get to other email
>> >> >> providers no matter where you are. That doesn't help your argument
>> >> >> any.
>> >> >Written by someone who lacks the understanding of "hosting" services.
>> >>
>> >> I understand just how easy it is to set up a colo box.
>> >
>> >Apparently not. I'm not talking about a SINGLE box. Try 20-50 at a time.
>>
>> *ONE* phone call. 5 minutes. and a checkbook. that's *all* it takes.
>
>And the boxes will magically teleport to the new facility?

It's not magic. It's not teleportation. But yes, it *all* gets done.

You just have to know the right phone number.
And have enough money in the checking account.

I saw a move of several _hundred_ servers, and over five *thousand* workstations
accomplished in precisely that way.

>> >> >> >> Hosting is an easy one. Hosting can be done anywhere and by anybody
>> >> >> >> you choose. It is the dialup account which usually controls the IP
>> >> >> >> address from where your email comes from that is the big issue.
>> >> >> >SPEWS-fallacy #3.
>> >> >> My local connection has nothing to do with where my email is emitted.
>> >> >Non-sequitur.
>> >>
>> >> Nope; precisely the issue. Since my email isn't limited to coming
>> >> from anything having to do with my local connection, I don't have to
>> >> care whether my local connection provider is blacklisted or even
>> >> blocked.
>> >
>> >Wrong. Your e-mail has to be sent somewhere, and since almost
>everyone BLOCKS
>> >all dial-up ports (for dial-up providers, those ports not their own),
>you have
>> >to send your email through a server (either your personal one or the one your
>> >ISP provides) as relay. It is the LATTER that would have the address
>that may
>> >be listed in an RBL.
>>
>> You are either ignorant, stupid, or deliberately lying.
>>
>>
>> >> >> >Proof that SPEWS-fallacy #2 is false. Sometimes, there are no
>alternate
>> >> >> >providers for one to go to (especially when demand outstrips supply).
>> >> >> That just isn't the case.
>> >> >Wrong. It was precisely the case in my locality in 2002, just after a few
>> >> >hosting facilities went bankrupt after the 2001 stock-market bubble burst.
>> >>
>> >> So use a hosting facility that isn't so local. You can reach it via
>> >> the Internet. You have heard of the Internet, haven't you?
>> >
>> >Not possible when one maintains one's OWN equipment. (You should
>already know
>> >this; it's been posted before).
>>
>> Of course, it *IS* possible. It just "costs more" -- in terms of 'down time',
>> and travel time when there is a problem, or in 'payroll', to have somebody
>> local to the equipment.
>
>And WTF do you think I do?

What I'm quite certain that you do is shoot your mouth off concerning a lot
of subjects about which you have no real knowledge.

Whatever else you do, it isn't of any particular relevance, nor interest.

> I AM one of the people "local to the equipment."

You're claiming your services are "*SO* valuable" that 'someone else' cannot
do the same job, should that become _necessary_, right? The proverbial "what
happens if you are hit by a truck?" applies.

The equipment _can_ move "somewhere else" if there is sufficient need for
that move. You either move with it, or you do not. You do *not* have to
move yourself and your family, "just because" the equipment moves. If you
do not move with it, then you _may_ have to hire an employee in the new
location, to do "what you used to do", But this does *NOT* mean that it is
"impossible" to have that equipment in a facility that is "not local" to you.

It _can_ be done. It merely "costs more". If that 'costs more' is more
than you are "willing to pay". then you *decide* not to do it. But it is
*NOT* 'impossible' to do, as you assert.

You _might_ be able to assert that doing so is "not feasible _for_you_".
without getting a lot of argument. Claiming that it is "impossible" is
outright falsehood. Other people *DO* do it. You -could- do it, if the
need was great enough.

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 13.06.2005 14:06:49 von bonomi

In article ,
D. Stussy wrote:
>On Fri, 10 Jun 2005, Robert Bonomi wrote:
>> In article ,
>> D. Stussy wrote:
>> >On Mon, 6 Jun 2005, Mark Ferguson wrote:
>> >> On Mon, 06 Jun 2005 03:41:48 GMT, "D. Stussy"
> wrote:
>> >> >On Sat, 4 Jun 2005, Mark Ferguson wrote:
>> >> >> On Fri, 3 Jun 2005 23:49:23 +0000 (UTC), sethb@panix.com (Seth
>> >> >> Breidbart) wrote:
>> >> >>
>> >> >> >In article ,
>> >> >> >D. Stussy wrote:
>> >> >> >
>> >> >> >>SPEWS itself is unethical. They fail to make any distinction in
>> >their list
>> >> >> >>between the spammers themselves and the rest of the netblocks
>that those
>> >> >> >>spammers inhabit.
>> >> >> >
>> >> >> >Do they _say_ they make such a distinction?
>> >> >> >
>> >> >> >If I ever get around to implementing my NoPrimes dnsbl, will I be
>> >> >> >unethical because I don't make any distinction between prime number IP
>> >> >> >addresses that spammers inhabit and prime number IP addresses that
>> >> >> >spammers don't inhabit? If I say I'm listing prime number, and I do
>> >> >> >list prime numbers, then I'm not being unethical. Likewise, SPEWS
>> >> >> >does what it _says_ it does. If it isn't doing what _you want_, that
>> >> >> >doesn't make it unethical.
>> >> >>
>> >> >> I have attempted to explain that SPEWS sets their own criterea for
>> >> >> listings and if SPEWS deviates from those criterea then SPEWS has
>> >> >> false positives and would be unethical.
>> >> >
>> >> >But SPEWS also claims to be something that they truly aren't - a
>> >spammer list,
>> >>
>> >> That is just not true. They are a list of spam supporting providers
>> >> and not "just a list of IP addresses used for spamming".
>> >>
>> >> There is a distinction beteen the two.
>> >
>> >That distinction disappears when one reads their drivel further and reads the
>> >claim that if an address from a listed provider isn't currently
>spamming, then
>> >it WILL in the future. They make the assumption that EVERY customer of a
>> >listed ISP has, is, or will be a spammer. That kills the distinction.
>>
>> A lie.
>
>Then explain SPEWS' statement (from their home page): "[they are listed]...
>even BEFORE they start spamming."

You mean the description of how "known spammers" that show are discovered
in a _previously_unidentified_ netblock are treated?

do you just enjoy pulling things out of context, or was the sentence too
complicated for you to follow?

>
>In order to be a valid RBL for anti-spam purposes, they need to list spammers.

According to _what_ authority? You??

>SPEWS claims that they even list some spammers (those who haven't or aren't)
>BEFORE they're spammers.

You lie.

They say they list "known spammers" on new netblocks, sometimes "before they
start spamming" from those netblocks.

> Therefore, any IP address they list that wasn't or
>isn't currently a spam source IS a future spam source.

Faulty logic, as usual. A form of 'post hoc, ergo propter hoc' to be precise.

"Some" address-blocks -- allocated to "known spammers" -- are listed before
any spam originates from that block.

*OTHER* addresses and blocks, are listed for *OTHER* reasons.

The accurate formulation of your statement is that any address *belonging*to*
*a*known*spammer* that wasn't or isn't currently a spam source IS *treated*as*
a future spam source.

> Look at what they DON'T
>SAY: SPEWS didn't say that it's a POTENTIAL future source - they say that it
>WILL BE (i.e. 100% certainty).

Strange, I don't see the words "will be" in that context, _anywhere on the
SPEWS web-site.
there is:
A11: Sorry, SPEWS is a list of known spammers, spamming operations and
spam supporters, if you fit the criteria there's a good chance you
will be listed and stay listed. ...
=======
A22: This includes all of Level 1, plus anyone who is spam-friendly,
supporting spammers, or highly suspicious, but not blatant enough to
be included in the Level 1 list yet. If it becomes obvious that
someone at Level 2 has become a real problem, they will be escalated
=======
to Level 1 after some attempt at education. ...
A25: Yes. If they venture into the pure unsolicited emailing world, or
have an un-managed "affiliate" program that causes spam problems
they will be listed.
=======
A26: SPEWS does not normally list open relays. Use an Open Relay
advisory list like ORDB, DSBL or the MAPS RSS to filter these. If a
spammer or spam operation has an open relay, it will be listed on
=======
that basis. SPEWS does not do relay or mailserver testing.
Q27: If I use SPEWS, is there an chance that non-spam email will be
=======
blocked?
A27: Yes...

>> "Spammer-friendly" territory tends to attract more spammers. This is a fact,
>> not subject to dispute. It has been documented too many times, to need any
>> discussion.
>
>I don't dispute that. However, I dispute and state that it is impossible to be
>a spammer before one has actually spammed.

Neat trick. to dispute *your*own*statement*.
You say:
"I dispute that it is impossible to be a spammer before one has actually
spammed."
"I state that it is impossible to be a spammer before one has actually
spammed."
Not satisfied with that, you combine both remarks into a _single_ sentence.

That aside, one can be a "known spammer" *before* one has spammed from any
particular address-space. the allocation of a new/additional address-space
to a 'known spammer' fully justifies 'pre-emptive' blocking of that space,
*before* any spam has originated from it.

There is no claim, other than in your mind, that SPEWS lists only spammers,

There is no claim, other than in your mind, that every address listed without
spam having come from that address, belongs to a spammer before they have
spammed.

You read a (not necessarily comprehensive) list list of possible reasons for
a listing, and conclude that anything which doesn't fit your mis-interpretation
of one reason must fall under your mis-interpretation of another reason.
You are so far off in left field, that it is not possible to construct a
rational rebuttal to the irrational argument you advance.

>> Territory that _continues_ to allow spammers to live there means that
>> it *is* _more_likely_ that a 'neighbor' of the previously-identified spammer
>> will also be a spammer, than will someone at a 'different' address-space.
>
>However, there is also a probability that they won't be. SPEWS' assumption is
>that this latter case is 0%, but cannot prove it.

You cannot know what SPEWS 'assumes', unless you are SPEWS.
Since you have denied that, previously, you either lied then or now.

> Per their own evidence
>files, what we know is that each netblock (at least the ones brought up as
>examples previously) has a population of 95%-99% non-spammers. Probability
>based on current occupancy favors a non-spammer over a spammer 20:1 or more.

Probability based on _volume_of_mail_produced_ from the netblock favors a
spammer over a non-spammer by a factor of 200:1 or more.

>SPEWS' assumption is not only wrong but flawed.

Stussy's statistics are not only wrong, but flawed.

>> It is not a statement of certainty, but a statement of probability.
>
>Even as a statement of probability, it's wrong - nowhere close to reality.

Those who know statistics, disagree.

"Figures don't lie, but liars can figure." applies to your attempts at
probabilities.

>> The function of *any* "early warning" system is to sound alarms, and
>> trigger defensive reactions _before_ the "suspected" event is 'proven'
>> to have taken place.
>
>Thus the conclusion that any listing that hasn't or isn't currently spammed
>WILL BE a spammer (100% certainty). I didn't pull that out of some random hat.

Demonstrating yet again, that you know less about logical, deductive reasoning
than you do about probability theory.
>
>> When the probability rises above a threshold level, you swat it. Whether
>> *or*not*, that threshold is at the level of 'certainty'.
>
>The problem is that the probability assigned by SPEWS has nothing to do with
>reality.

How could you *possibly* claim to know that?

You have a demonstrated ability to do basic arithmetic (with the help of
a calculator), and *TOTAL* non-comprehension of the fundamental concepts
of probability theory, and what elements you use to calculate a probability.

>> >> >and that's how some people use them - as if they were. It may not be
>> >> >significant that SPEWS says otherwise in that usage dictates what
>they truly
>> >> >are.
>> >>
>> >> It is the user's responsability to verify the tool he/she is using is
>> >> the correct tool for the job. You keep attempting to make it the
>> >> manufacture's responsability for how their tool is used.
>> >
>> >In the context of your analogy, there are plenty of "OTHER manufacturers"
>> >(other DNSBLs) where their tools aren't MISUSED to deny legitimate (non-spam)
>> >mail. SPEWS has [or is] a DEFECTIVE tool.
>>
>> Another lie.
>>
>> "Defective' applies to something that does not function according to the
>> specifications for _that_ thing.
>
>Not a lie:

Yes, it is.

> I have previously stated where the SPEWS design philosophy is
>flawed.

Correction: you have stated where your flawed interpretation of their design
philosophy does not agree with your opinions.

> The specifications have to work. SPEWS' specifications don't.

FALSE TO FACT. When evaluated dispassionately and objectively. something you
are apparently temperamentally incapable of.
> Even
>within the specifications stated (if they could work), the real-world
>probabilities demonstrate that the specs are wrong.

Real-world data demonstrates you lack the fundamental understanding of the
concepts underlying probability theory to calculate numbers that bear
any relationship to the real world.

>> An automobile is "defective" if judged according to the specifications for
>> an airplane.
>>
>> A Morris Mini is "defective" if judged according to the passenger-carrying
>> specifications of a Cadillac Fleetwood.
>>
>> A shovel is 'defective' if judges according to the specifications for
>a hammer.
>>
>> A "tack hammer" is 'defective', if judged according to the specifications for
>> a "maul".
>>
>> People who use a tool, *without* _understanding_what_the_tool_is_and_does_
>> does, may hae some 'suprises'. This is *NOT* the fault of thetool.
>>
>> SPEWS may be 'inappropriate' for some -- even 'many' -- uses. I don't think
>> there is any one that would dispute that.
>>
>> That does *NO* mean that it is 'defective" in any way. It does _exactly_
>> what it's producers/maintainers state that it does. No more, no less.
>
>No argument there. SPEWS operates as described. As I have stated, it's design
>is flawed - because it makes one or more false assumptions about the real
>world.

Stussy's analysis is flawed because it makes one or ore false assumptions
about the way SPEWS operates. Actually, it is _many_ 'more than one'.

>> >> >> I guess I am not being clear enough or the reader is not capable of
>> >> >> common sense. I gave it up.
>> >> >
>> >> >Definently the former. If anyone had common sense, they would see the
>> >> >operators of SPEWS for what they truly are - spineless cowards and liars.
>> >>
>> >> So like MAPS SPEWS should open themselves up to lawsuits so they can
>> >> be sued out of exisitance. I am not sure why protecting oneself for
>> >> their right to offer their opinion is a bad thing or makes them
>> >> spineless cowards but I am sure you or Moris will enlighten us.
>> >
>> >I don't see the other, non-anonymously controlled DNSBLs being sued.
>>
>> Open your eyes. Take off your blinders.
>>
>> Let me point out just a few *documented*FACTS*.
>>
>> 1) MAPS -- the original blocklist service -- was sued _multiple_ times.
>> not only did they lose a couple of cases, they found that they "couldn't
>> afford" to keep winning.
>
>MAPS doesn't currently exist.

You lie. You _really_ "don't know what you don't know". do you?

See: to find out just how wrong you are.

> They are not BEING sued. Regardless, that
>predated the anti-spam(mer) legislation that now exists.

So does SPEWS, So those suits are *entirely* relevant to the environment in
which SPEWS was set up.

>
>> 2) A non-anonymous blocklist in Australia was sued out of business.
>
>I haven't heard of this case. Name the list.

Your ignorance is not my problem.

It was a well-known list.
The lawsuit and results were widely reported

Plaintiff was a major OZ telco.
defendant sold his ISP business, and left the country.

>> 3) A non-anonymous blocklist in California _was_ shut down by the *threat*
>> of a lawsuit. He couldn't afford to be "right".
>
>No case filed => NOT sued.

Ask that victim how 'real' he believed the lawsuit threat to be.

Another California blocklist operator is defending a lawsuit _AT_THIS_TIME_.
He's solicited for help with legal expenses several times in NANAE.

>> 4) At one point SPAMHAUS was served with formal 'notice of intent to file'
>> unless some material was changed. That material _was_ changed.
>
>No case filed => NOT sued.

Ask Steve Linford how real that threat was. When the landsharks knocked on
his door, and handed him the demand, _and_ had the filing papers in-hand.

>> The fact that you are ignorant of history and reality does not change
>> that reality.
>>
>> > SPEWS
>> >only hides because they know that they are EXCEEDING what the [Internet]
>> >society permits by custom - exceeding it into defaming the non-spamming
>> >customers of the affected ISPs.
>>
>> Pure bullshit.
>>
>> Before you can be 'defame' someone, you have to say/do things that
>> *uniquely*or*unambiguously* identify the _specific_ party that is
>> claiming defamation.
>
>SPEWS has.

liar.
> It has made a statement that these people WILL SPAM (with
>certainty).

SHOW THEIR WORDS.

Not *your* 'interpretation' of what a combination of partial statements,
taken without regard to context, means.

> In the modern world, calling someone a spammer who is not is
>defamtory.

>
>> If I were to say that "all are "
>> you, *just*because* you are a member of , _cannot_ (successfully,
>> that is) sue me for defamation unless you can show that that remark was
>> specifically intended to refer to you.
>
>Right, and in the case of SPEWS, it would be equivalent to having my NAME on
>their list - so any such remark would be specifically intended to refer to me.
>
>> SPEWS actions in listing an IP address (or range) doesn't defame _anybody_.
>> Not the spammer, not the provider, not anybody else caught up in that they
>> euphamistically call 'inadvertent blocking'.
>
>Inadvertent means by mistake. SPEWS, according to their policy of operations,
>hasn't made a mistake by including someone who shares a netblock with a
>spammer. SPEWS' action isn't inadvertent.
>
>> The only _possibly_ "defamed" parties, are those _named_ in the various
>> 'supporting material' for why a particular address (or range) is blocked.
>
>Wrong. Blocking X because Y did something to Z is not a legally supportable
>position to block X. It's called capriciousness, which in itself is a valid
>cause for legal action.

Your demonstrated ignorance of the law gets broader and broader.

For starters, "Capriciousness' is *not* an cause for legal action, in and
of itself. Under the proper antecedent circumstances -- e.g. an express
requirement in law, to act in a 'reasonable and prudent' manner, it *may* be.

"Blocking X because Y did something to Z is not a legally supportable position
to block X." assumes, and presumes that a 'legally supportable position' is
necessary to block X. When, in point of actual fact, anyone can 'block X'
"just because they feel like it, today". Arbitrary as hell, Capricious as
hell. And *entirely* legal. *Unless* X has an express contract with that
party specifying that they will not block X.

>
>> [[.. munch ..]]
>>
>> >> How is this lying?
>> >
>> >SPEWS lies in their own FAQ. [That has already been documented in
>last year's
>> >posts.]
>>
>> Stussey lies in his own postings.
>
>Bonomi can't read. I have posted the contradictions in the SPEWS' FAQ last
>year (2004) and other related issues in 2003. As a regular NANAE reader, you
>should remember.

You posted contradictions in *your*interpretations* of what the FAQ says.
Nothing more.

If your interpretations are wrong, then your claim that they lie is wrong.

It is easily shown that you *do* lie in your postings. Like where you
claim MAPS doesn't exist.

>
>> SPEWS writes *factually*accurate* statements that are easy to misread, and
>> *when*mis-read*, lead one to draw erroneous conclusions. Mr. Stussey fell
>> victim to that, and has never recovered.
>
>If SPEWS' statements are so easy to misread, then explain why they haven't
>corrected or rewritten them?

I don't have 'explanations'. Nobody but SPEWS does.

I'll suggest a couple of _possible_ reasons:
1) they don't want to.
2) they've lost the access-code for the web-serve.
3) they "don't care", and it's "not worth the time/effort to do something
about.

My guess would be #3 -- The reason for the existence of SPEWS is for SPARTICUS
to use it in protecting _their_ systems. They _don't_care_ what anybody else
uses it for, or even *IF* anybody else uses it -- it *is* doing the intended
job _for_those_who_built_it_. Without any changes to the web-site.

SPARTICUS doesn't "owe" anybody any explanations of how/why any part of SPEWS
works. They don't owe anybody any "better' ones than now exist. They don't
owe anybody any explanations, *period*.

> The only reason why they haven't is that they
>planned to intentionally mislead the public from the start.

to establish that that is the only "possible" reason, you have to *PROVE* that
no other reason is possible. Try to disprove the the following alternative:
The server-space was paid for in advance, and that the person who paid
for it (and the only one who had the access codes) has died.
I have no idea whether that is, or is not, the case, but unless you can
disprove it, it shoots *big* holes in your claim that your "explanation" is
the "only reason" for the lack of change.

It appears _to_me_ that the language was *very*carefully*written*, with the
intention of not providing _any_ hooks to hang a possible lawsuit on.

From _that_ viewpoint, I see precisely _one_ one-word addition I would make
to the FAQ. Which is in A36. I would change the last part to read: "Note
that MERELY posting messages...."

False-to-fact "inferences" drawn from factually accurate statements are *not*
actionable in regard to the maker of the factually accurate statements.
_Even_if_ the author "should have known" that those erroneous inferences were
likely to be drawn.

>> >> >> The actual and very real problem is SPEWS does not have a database of
>> >> >> email addresses for those that use SPEWS. SPEWS has no way of knowing
>> >> >> who is using their lists. Who uses a mirror site and no email address
>> >> >> is logged when the list is accessed.
>> >> >
>> >> >The mirrors who implement the SPEWS list as a DNSBL know who has
>used them.
>> >> >SPEWS knows who these mirrors are by logging the IP addresses of any who
>> >> >download their lists off of SPEWS' own website or FTP server. The
>> >information
>> >> >CAN be had; it's possible.
>> >>
>> >> Possible != right
>> >
>> >Only to the LAZY and those with a REASON TO HIDE.
>>
>> "Ignorance in action"
>>
>> SPEWS _does_not_, in and of itself, have *any* way of telling "who" pulled
>> the data off SPEWS web-site or FTP server. Have you ever heard of theis
>> arcane concept called "Dynamic IP addresses?" To find out 'who' was using
>> that particular IP address at that particular time, one would have to:
>> (a) file a preliminary legal action, (b) convince a judge that you 'needed'
>> that information as part of the lawsuit, (c) serve the resultant subpoena
>> on the ISP, and (d) *hope* that they still had records of who was using that
>> address at that time. Now, in the case of an 'internet cafe', or a wireless
>> "hot spot" the odds of their even _having_ -- let alone retaining -- that
>> information are *not* very good.
>
>SPEWS knows fully well what IP was used and when. Such information CAN BE HAD
>(even if it means asking the dynamic IP assignor).

Tell me, how do you identify the 'user', when it came from a "drive-by Wi-Fi'
connection? Behind a residential NAT router that doesn't keep logs of the
NAT connections.

Or are you as ill-informed about networking as you are on law and probability
theory?

> Regardless, those who
>implement SPEWS' listing in public ways (e.g. SORBS) will have a FIXED address
>and their OWN logs of whom requested the data, etc.... It's not my problem
>that the information is not kept - it existed, and therefore SPEWS CAN KNOW.

I will agree that it is "theoretically possible" *some* of the time.

In a fair number of jurisdictions it is *NOT* _legally_ possible *at*all*.

In other jurisdictions, companies and providers have rules preventing such
disclosure *absent*a*court*order* requiring them to do so..

If SPEWS were to ask, say Comcast, for the id of the party using a particular
dynamic-pool address at a particular date/time, they would simply get laughed
at, and told to 'go get a court order'.

Can you suggest on what basis SPEWS might get a court to authorize a subpoena
for SPEWS to find out who SPEWS' user is?

>> >> You ask them to do that which they are fighting against. Then when
>> >> you told how this is wrong in so many ways you simply ignore the truth
>> >> and amble towards another half truth cluching it to you as closely as
>> >> you can.
>> >
>> >I didn't ask them to violate their own premises. I asked them to
>contact their
>> >userbase about the service they actually provide to those users. That
>> >relationship means that such contact is NOT spam. Only a SPEWS-droid
>has such
>> >a convoluted mind so as not to understand such a simple concept.
>> >
>> >> Because I use MicroSoft on one machine does not give them the right to
>> >> approach me to sell me other things they offer.
>> >
>> >I didn't say that it did. However, your example is off base. They would be
>> >contacting you with regard to their product that you DO use, not another that
>> >you might or might not.
>>
>> "Those who do not remember history are doomed to repeat it."
>>
>> Were you on the net in early 1999?
>>
>> When MS sent a "free y2k update" notice to _every_ address they had for
>> people that had so much as asked a support question about their products?
>>
>> Do you remember what the near-universal reaction to _that_ spamming was?
>
>No, nor did I ever get an e-mail from them. I also wasn't an NANAE reader
>then. However, I wouldn't call that spam as they LIMITED it to those who were
>using an affected product - and it addressed problems with CONTINUED USE of
>that product (cf. "product recall"). Yes, I was on the "net" then - and have
>been since the mid-1980's (via different means, of course).

It wasn't just _that_ product. it wasn't just those who had registered as
owners of that product. it wasn't just those who had asked to be notified
of availability of fixes.

If you had asked for info about a 'Microsoft mouse', you got the email.

if the last Microsoft product you had registered was MS-DOS 2.1 you got
the e-mail.

It *wasn't* even close to being as specific as a 'recall notice'.

It wasn't a "safety" issue.

It wasn't even an "it will totally stop working" issue.

>> >> >I never suggested that they would have any right to contact you
>about OTHER
>> >> >products or services they may offer. My suggestion was in the
>narrow context
>> >> >of regarding a product or service that you DO USE on a continuous basis.
>> >>
>> >> They do not have that right if I have not given it to them. My use of
>> >> their service is not what I consider prior consent. Others think it
>> >> does create a prior relationship and while I agree it does I also will
>> >> end that business relationship over something I percieve as wrong.
>> >
>> >What you think is wrong. Business law doesn't agree with you.
>>
>> Actually, what *you* think is wrong. In many jurisdictions, the _right_
>> of the customer to 'deal anonymously' with the vendor/seller is *expressly*
>> recognized, and sellers are _required_ to make that mode of transaction
>> available "whenever possible". That is _statutory_ law, at the national
>> level.
>
>Identify the statute.

One example: Australia "National Privacy Principles" Item 8

Read all about it at:
>
>> In case it's not obvious to you, one of the essential elements of being able
>> to 'deal anonymously' with a seller is that the seller has no knowledge of
>> the identity of the buyer, and *no*way* to contact them, "should it become
>> necessary".
>>
>> Ergo, if the buyer has the right to remain anonymous, the seller has *NO*
>> right to contact them.
>
>However, those buyers CHOSE not to remain anonymous when they contacted the
>seller.... The law(s) I asked you to cite won't apply anyway.

You "know not, and know not that you know not". The law in question specifies
that the seller must allow the customer to _conduct_their_transaction_
*anonymously*, if the customer so chooses, wherever it is lawful and practical
to do so. Applying for a credit-card is 'not practical' to do anonymously.
buying a pack of cigarettes *is*.

>> >> I do not pay the provider to send me ads or ask me questions about
>> >> their service. If I have an issue I will send in a note or make a
>> >> telephone call. There have been issues since moving out of state in
>> >> dialup and news service. I have worked with my provider to fix these
>> >> issues because I like my provider because they do nit support spammers
>> >> and they give good service.
>> >
>> >And you're an asshole who would probably try to sue a manufacturer over a
>> >defective item despite the fact that their letter to you informing you of the
>> >defect was returned (as refused) before you were damaged as a result of the
>> >defect. Sorry - that's the way to LOSE a lawsuit.
>>
>> Of course, if that mail-piece goes in the wastebasket _unopened_, then no
>> 'constructive notice' has been given, and the manufacturer is *still* on
>> the hook for full liability resulting from their defect.
>>
>> Even the returned unopened ("refused") mail does not constitute 'notice',
>> for purposes of relief of liability. It shows an "effort" was made to
>> notify of the problem, and would be a viable defense against a "gross
>> negligence" claim. But it does *NOT* alleviate the manufacturer of the
>> liability for the original 'defect', nor for claims of "ordinary" negligence.
>
>Unless the incident from which the liability arose occurred after the refusal
>of the notice. I've seen that too. All the manufacturer has to demonstrate
>is that the notice was properly addressed and otherwise deliverable.

Not hardly. If the post office lost it, if it was mis-delivered, there was
*no* actual notice given. The 'attempt' to notify gets the mfr. off the
hook for 'gross negligence', but *not* for the defect itself, or any direct
results therefrom, With notice 'attempted', plaintiff will _not_ get
'punitive' damages, can get 'compensatory' damages, will get 'actual'
damages. Subject to the degree of 'contributory negligence' by the plaintiff,
in many jurisdictions.

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 13.06.2005 14:19:46 von bonomi

In article ,
D. Stussy wrote:
>On Sun, 12 Jun 2005, Mark Ferguson wrote:
>> On Mon, 13 Jun 2005 00:05:47 GMT, "D. Stussy" wrote:
>> >On Fri, 10 Jun 2005, Mark Ferguson wrote:
>> >> On Fri, 10 Jun 2005 23:59:56 -0000, bonomi@host122.r-bonomi.com
>(Robert Bonomi) wrote:
>> >>
>> >> Snipped a good post.
>> >>
>> >> His stupidity is to time consuming for me. He continues to post the
>> >> same non-points over and over again without anything to back them up.
>> >
>> >I don't have to back up statements made by others when you know the source of
>> >those statements. Have SPEWS explain it to you.
>>
>> I have no more time for:
>>
>> SPEWS should spam their users.
>
>It wouldn't be spam, but you can't see the difference.

Lessee,

1) I didn't ask for it. it is therefore "unsolicited"
2) it was sent, "in substantiviely identical form" to a large number of
people. it is therefore "bulk"
3) it shoeed up in my email inbox. It is therefore "email"

Hmmm. "unsolicited bulk e-mail".

Sounds like spam to me.

"Good intentions" of the sender do *not* make a thing 'not spam'.

>> GE, MS, etc... have the right to spam you if you own one of their
>> products.
>>
>> Any store you have bought anything from has the right to spam you.
>>
>> Did I miss anybody you think can spam me without my consent and
>> against my expressed will?
>
>You obviously lacked the basic understanding to know that I did not say that
>they could spam you - meaning send you advertising about other products or
>services they offer. There is a distinction between random advertising and
>contacting people who own defective products.

Hve you ever heard: "its about _consent_, not *CONTENT*"

It doesn't matter *what* the thing is. If they cr*p in my mailbox without
my consent it is spam.

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 13.06.2005 14:54:57 von Mark Ferguson

On Mon, 13 Jun 2005 04:22:08 GMT, "D. Stussy"
wrote:

>On Sun, 12 Jun 2005, Mark Ferguson wrote:
>> On Mon, 13 Jun 2005 00:05:47 GMT, "D. Stussy" wrote:
>> >On Fri, 10 Jun 2005, Mark Ferguson wrote:
>> >> On Fri, 10 Jun 2005 23:59:56 -0000, bonomi@host122.r-bonomi.com (Robert Bonomi) wrote:
>> >>
>> >> Snipped a good post.
>> >>
>> >> His stupidity is to time consuming for me. He continues to post the
>> >> same non-points over and over again without anything to back them up.
>> >
>> >I don't have to back up statements made by others when you know the source of
>> >those statements. Have SPEWS explain it to you.
>>
>> I have no more time for:
>>
>> SPEWS should spam their users.
>
>It wouldn't be spam, but you can't see the difference.

How is it not spam?

It is sent without the consent of the recipient.
It is sent in bulk to many.
It is the same question to all.

You again are ruled by your hatred for SPEWS instead of reason.

Again, what is it you think gives SPEWS the right to spam?

>> GE, MS, etc... have the right to spam you if you own one of their
>> products.
>>
>> Any store you have bought anything from has the right to spam you.
>>
>> Did I miss anybody you think can spam me without my consent and
>> against my expressed will?
>
>You obviously lacked the basic understanding to know that I did not say that
>they could spam you - meaning send you advertising about other products or
>services they offer. There is a distinction between random advertising and
>contacting people who own defective products. You are correct that I didn't
>explain HOW they would obtain your mailbox address or know that you are in fact
>an owner of the product they made; I didn't have to - as you took the position
>that it was spam too when it is not (because of your own personal failures).

Tell me.

Just what is the difference between a thousand questionaires/notices
of failure for a product and a thousand UCE for some porn site?

Nothing. It is a thousand pieces of UCE in my inbox, sent without my
permission and sent against my expressed desire. It is sent to an
inbox purchased for the sole purpose of communications between the
owner, friends, family and those the owner has given consent to
contact him/her.

You make the same ole arguement.

It ain't porn, it ain't spam. Heard it. Discount it as a lie. You
are now attempting to justify UCE because you are trying to claim a
notice of failure about a product is not spam. You of course have not
presented a reason why anybody should be able to force me to accept
delivery on anything against my will.

Unlike postal mail, electronic mail does not give the recipient the
option of rejecting, [refusing delivery] after the email has been
accepted by the server. This is due to the linear method the file is
written in. In other words, forced advertising.

Your anger towards SPEWS is showing.

--
Mark

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 15.06.2005 00:35:48 von sethb

In article ,
D. Stussy wrote:
>On Sun, 22 May 2005, Mark Ferguson wrote:
>> On Sun, 22 May 2005 17:26:33 GMT, "Moris" wrote:
>> >...
>> >Spews is ineffectual on both counts.
>> You are of course correct sincce SPEWS does not block anything.
>But use of SPEWS is to cause blocking. You know very well what he was saying,
>semantics aside.

If you don't care about the meaning, why is it worth discussing
anything with you?

>But you ignored the fact that while the use of other anti-spam systems
>maximize spam-identification while minimizing the impact on legitimate mail,
>SPEWS' design of what they list maximizes both spam source identification and
>its inteference with legitimate mail.

Listing 0/0 would maximize interference with legitimate mail. SPEWS
doesn't do that. Therefore, you're wrong (again).

>Whether an e-mail is spam or legitimate is determined solely by CONTENT, not
>its source.

No, it's determined by CONSENT, not CONTENT.

> It is only the SPEWS-user who wishes to define mail
>legitimacy in a way that differs from the usage of everyone else.

It is only the troll who wishes to define himself as "everyone else"
and ignore original definitions.

>> >The target of spews is to blacklist and blackmail the innocent email users
>> >and hosting providers.
>> You keep claiming this yet you have never posted proof. Is it your
>> intention to just continue to make false claims hoping somebody,
>> somewhere will believe you or are you going to actually post real
>> evidence? I know, a question that will go unanswered.
>SO, all those complaints to NANAE coming from non-spammers aren't proof?

Non-spammers aren't necessarily innocent. Non-spammers who provide
financial support to spam-friendly networks are specifically not
innocent.

Seth

XXXXXXX

am 15.06.2005 01:14:02 von Alan Connor

Hi Seth,

There are now over 200 people (that I know of) using my
little Challenge-Response-System. (None of them, including
me, now include the name of the program or its URL in the C/Rs
themselves. People who are interested just ask the person
they received it from. And ALL of the people use differently-
formatted C/Rs :-)

Earthlink, one of the world's largest ISPs offers them
as a part of their standard spam-fighting package, as do
many lesser ISPs.

New Challenge-Response-Systems come on the market, commercial
and free, almost every month.

And it is thanks in part to you and your sock-puppets
and the other rabid, anti-C/R feebs (and THEIR sock-puppets)
that this is taking place:

You repeat the same lies, over and over again, like demented
parrots, and this allows people to see through your acts to
your real agenda, which is pro-spam.

No, I'm not reading any replies to this.

You all are boring and obnoxious and don't even know what the
word "honesty: means.

If you don't like Challenge-Response-Systems, then eat
shit.

Season to taste.

Oh! And stay out of my mailboxes.

That's an order, not a request, and my little program
will enforce it without even telling me about it.

alanconnor AT earthlink DOT net http://tinyurl.com/2t5kp

:-)

AC

--
Please visit my home page:
http://angel.1jh.com./nanae/kooks/alanconnor.html

Re: XXXXXXX

am 15.06.2005 01:26:51 von Never anonymous Bud

Using a finger dipped in purple ink, Alan Connor scribed:

>Earthlink, one of the world's largest ISPs offers them
>as a part of their standard spam-fighting package, as do
>many lesser ISPs.

I NEVER reply to a C/R.

It's THEIR loss, not mine.

--

Lumber Cartel (tinlc) #2063. Spam this account at your own risk.

This sig censored by the Office of Home and Land Insecurity....

FAQ: Canonical list of questions Beavis refuses to answer (V1.30) (was Re: XXXXXXX)

am 15.06.2005 02:48:50 von Sam

This is a MIME GnuPG-signed message. If you see this text, it means that
your E-mail or Usenet software does not support MIME signed messages.

--=_mimegpg-commodore.email-scan.com-32240-1118796534-0008
Content-Type: text/plain; format=flowed; charset="UTF-8"
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
X-Mime-Autoconverted: from 8bit to quoted-printable by mimegpg

Usenet Beavis writes:

>
>
> Hi Seth,
>
> There are now over 200 people (that I know of) using my
> little Challenge-Response-System. +*SLAP*+

Shaddup, Beavis. And, BTW, answer #2 from the FAQ, below.

> Earthlink, one of the world's largest ISPs offers them
> as a part of their standard spam-fighting package, as do
> many lesser ISPs.

And that's why their backscatter-spewing autoresponders are now firmly
blacklisted.

> New Challenge-Response-Systems come on the market, commercial
> and free, almost every month.

â=A6 And get promptly blacklisted.

> And it is thanks in part to you and your sock-puppets
> and the other rabid, anti-C/R feebs (and THEIR sock-puppets)
> that this is taking place:

Beavis FAQ #5.

> You repeat the same lies, over and over again, like demented
> parrots, and this allows people to see through your acts to
> your real agenda, which is pro-spam.

Your FAQ documents the same drivel you keep regurgitating, every week. You
must be looking at yourself in the mirror, Beavis.

> No, I'm not reading any replies to this.

Beavis FAQ #6.

> You all are boring and obnoxious and don't even know what the
> word "honesty: means.
>
> If you don't like Challenge-Response-Systems, then eat
> shit.

Beavis FAQ #12.

> Season to taste.
>
> Oh! And stay out of my mailboxes.
>
> That's an order, not a request, and my little program
> will enforce it without even telling me about it.

Beavis FAQ #11.

FAQ: Canonical list of questions Beavis refuses to answer (V1.30)

This is a canonical list of questions that Beavis never answers. This FAQ is=

posted on a semi-regular schedule, as circumstances warrant.

For more information on Beavis, see:

http://angel.1jh.com/nanae/kooks/alanconnor.shtml

Although Beavis has been posting for a long time, he always remains silent
on the subjects enumerated below. His response, if any, usually consists of=

replying to the parent post with a loud proclamation that his Usenet-reading=

software runs a magical filter that automatically identifies anyone who's
making fun of him, and hides those offensive posts. For more information
see question #9 below.

==================== =======
==================== =======
==================== ====

1) If spammers avoid forging real E-mail addresses on spam, then where do
all these bounces everyone reports getting (for spam with their return
address was forged onto) come from?

2) If your Challenge-Response filter is so great, why do you still munge
when posting to Usenet?

3) Do you still believe that rsh is the best solution for remote access?
(http://tinyurl.com/5qqb6)

4) What is your evidence that everyone who disagrees with you, and thinks
that you're a moron, is a spammer?

5) How many different individuals do you believe really post to
comp.mail.misc? What is the evidence for your paranoid belief that everyone,=

except you, who posts here is some unknown arch-nemesis of yours?

6) How many times, or how often, do you believe is necessary to announce
that you do not read someone's posts? What is your reason for making these
regularly-scheduled proclamations? Who do you believe is so interested in
keeping track of your Usenet-reading habits?

7) When was the last time you saw Bigfoot (http://tinyurl.com/23r3f)?

8) If your C-R system employs a spam filter so that it won't challenge spam,=

then why does any of the mail that passes the filter, and is thusly presumed=

not to be spam, need to be challenged?

9) You claim that the software you use to read Usenet magically identifies
any post that makes fun of you. In http://tinyurl.com/3swes you explain
that "What I get in my newsreader is a mock post with fake headers and no
body, except for the first parts of the Subject and From headers."

Since your headers indicate that you use slrn and, as far as anyone knows,
the stock slrn doesn't work that way, is this interesting patch to slrn
available for download anywhere?

10) You regularly post alleged logs of your procmail recipe autodeleting a
bunch of irrelevant mail that you've received. Why, and who exactly do you
believe is interested in your mail logs?

11) How exactly do you "enforce" an "order" to stay out of your mailbox,
supposedly (http://tinyurl.com/cs8jt)? Since you issue this "order" about
every week, or so, apparently nobody wants to follow it. What are you going
to do about it?

12) What's with your fascination with shit? (also http://tinyurl.com/cs8jt)?

13) You complain about some arch-nemesis of yours always posting forged
messages in your name. Can you come up with even a single URL, as an exampl=
e
of what you're talking about?

--=_mimegpg-commodore.email-scan.com-32240-1118796534-0008
Content-Type: application/pgp-signature
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQBCr3r2x9p3GYHlUOIRAq1/AJoDvbYYlD1Nt58rJquQzjQx9XDjagCf VH/F
g9FNst5drwIOnSvD3wVWxmU=
=D1EI
-----END PGP SIGNATURE-----

--=_mimegpg-commodore.email-scan.com-32240-1118796534-0008--

Re: XXXXXXX

am 15.06.2005 05:50:49 von windsorfoxNO

Alan Connor wrote:
>
> If you don't like Challenge-Response-Systems, then eat
> shit.
>
> Season to taste.
>
> Oh! And stay out of my mailboxes.
>
> That's an order, not a request, and my little program
> will enforce it without even telling me about it.
>
> alanconnor AT earthlink DOT net http://tinyurl.com/2t5kp

I am neither rabid (I don't think) nor would I care to try your
suggestion. But if I email someone and get an automated reply saying I
have to jump through a hoop for it to go through, then THEY can ESAD.
They may also do without my email, cuz I won't play.

--
3am is _never_ a good hour for a summoning - a moment of lost
concentration and you've got Nader instead of Nyarlathotep.

Amphetamines are not a good idea either: unsafe at any speed. - Cadbury
Moose

Re: XXXXXXX

am 15.06.2005 06:54:54 von NormanM

On Tue, 14 Jun 2005 23:14:02 GMT, Alan Connor wrote:

> There are now over 200 people (that I know of) using my
> little Challenge-Response-System.

The only challenges that I have received were from clueless idiots sending
challenges to my forged email address, and one "e-marketer" who seemed only
half a step removed from being a spammer.

--
Norman
~Win dain a lotica, En vai tu ri, Si lo ta
~Fin dein a loluca, En dragu a sei lain
~Vi fa-ru les shutai am, En riga-lint

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 15.06.2005 11:04:57 von unknown

Post removed (X-No-Archive: yes)

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 15.06.2005 11:28:21 von unknown

Post removed (X-No-Archive: yes)

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 15.06.2005 11:42:36 von unknown

Post removed (X-No-Archive: yes)

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 15.06.2005 13:33:14 von Mike Given

D. Stussy wrote:
>Seth Breidbart wrote:
>>D. Stussy wrote:
>>>Mark Ferguson wrote:
>>>>"Moris" wrote:
>>>>>...
>>>>>Spews is ineffectual on both counts.
>>>> You are of course correct sincce SPEWS does not block anything.
>>>But use of SPEWS is to cause blocking. You know very well what
>>>he was saying, semantics aside.

I don't use SPEWS and none of my hosting providers are on SPEWS
listings, so semantics aside, SPEWS doesn't block anything.

>>Listing 0/0 would maximize interference with legitimate mail.
>>SPEWS doesn't do that. Therefore, you're wrong (again).
>Sorry. That's exactly what SPEWS does: It maximizes collateral
>damage within the networks it lists

Wrong. Semantically speaking, SPEWS *is* the collateral damage;
often it's the spammers themselves are the primary damage.

>instead of minimizing it - on the FLAWED assumption that the
>collaterally damanged non-spammers will cause their ISP to
>terminate the spammers (or even have the power to do so,
>"checkbook" or otherwise).

What you call collateral damage is what I would call "incentive";
it's about making UBE unprofitable.

>The only way to guarentee 100% spam elimination is to provide
>for 100% email elimination.

Which SPEWS does not do.

>Interference with legitimate mail is precisely what SPEWS is
>about, by design.

Providing incentive is what SPEWS is about. Carrot and stick.

>>>Whether an e-mail is spam or legitimate is determined solely
>>>by CONTENT, not its source.
>>No, it's determined by CONSENT, not CONTENT.
>Wrong. If some distant relative that you never gave your
>mailbox address to sent you a mail "out of the blue" I
>seriously doubt that you would call it spam

That depends on whether or not they're trying to sell me a fake
Rolex.

>even though you never had given him consent. You would know by
>content that it wasn't. I'm glad I'm not your relative.

I'm sure the feeling is wholeheartedly mutual.

>>>>>The target of spews is to blacklist and blackmail the
>>>>>innocent email users and hosting providers.
>>>>You keep claiming this yet you have never posted proof. Is
>>>>it your intention to just continue to make false claims
>>>>hoping somebody, somewhere will believe you or are you going
>>>>to actually post real evidence? I know, a question that will
>>>>go unanswered.

And it's still unanswered.

>>>SO, all those complaints to NANAE coming from non-spammers
>>>aren't proof?

They're proof that SPEWS is at least occasionally effective.
Complaints in NANAE are most certainly not proof of innocence - in
fact, they're often proof of ignorance and/or deceit on the part of
the provider. And with almost no exception, those that are vehemently
opposed to SPEWS are spammers themselves.

>>Non-spammers aren't necessarily innocent. Non-spammers who
>>provide financial support to spam-friendly networks are
>>specifically not innocent.
>SPEWS-droid talk.

Must suck to be you.

>If they aren't spammers, they ARE innocent - unless you can prove
>that they KNEW that their provider was spammer-friendly WHEN they
>signed the contract.

Those of us that are a bit more savvy than the average slug know
that our hosting providers are NOT spammer-friendly BEFORE we sign the
contract. If you can't manage such a tiny feat then your should not
be on teh Intarweb b3c4use u r not an 3l33t hax0r and u suck.

Mikey (..Pavlov was not wrong.)

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 15.06.2005 20:55:51 von bonomi

In article ,
D. Stussy wrote:
>On Mon, 13 Jun 2005, Robert Bonomi wrote:
>> b) 'Listed' does *NOT* mean 'spammer'. "listed" means "address-space we (the
>> SPARTICUS group) do not accept mail from". Nothing more. Spelled out
>> very succinctly in the FAQ - Q&A 1.
>
>Read on: When they say that any netblock listed has "few to no legitimate
>senders," they are in fact calling everyone in that block a spammer.

Yet another Stussey Lie(TM).

Provable _just_ by the 2 lines above. If a block with 'a few' legitimate
senders _is_ listable, then it is clear that _not_ 'everyone' in that block
is being called a spammer.

>> >> The fact that the customer "lives in a bad neighborhood" is
>sufficient grounds
>> >> for the pizza company to refuse to deliver there, *regardless* of
>the nature
>> >> of that particular customer. The customer is not being defamed because the
>> >> pizza company won't deliver to _them_.
>> >
>> >A bad neighborhood - because only 1% of the population is bad? Get real.
>>
>> I am. I've *been* there. Personally. Ask a pizza delivery company what the
>> _minimum_ is that it takes to get a neighborhood on the "won't take orders
>> from there" list. 4 or 5 problems is enough to get several _thousand_
>> potential customers blacklisted that way. That's around ZERO POINT ONE
>> per-cent. (0.1%, a full order of magnitude lower than what you think is
>> 'unreal' You sir, in the words of the old Middle-Eastern proverb "knoweth
>> not, and _knoweth_not_ that he knoweth not"; worse, you seem proud of that
>> fact.)
>>
>> You've invented a new type of logical fallacy -- "early warning" systems must,
>> according to you, use "Propter Hoc, ergo Pre hoc" to validate their warnings.
>
>Wrong. I simply recognize that "early warning" systems also have to minimize
>false positives

An assumption *not* supported by facts -- as regards any existant real-world
early warning system.

Case in point: Do you have any idea how many alerts have been generated by
the North American "Distant Early Warning" system? Of that _large_ number,
do you have any idea how many have been 'false positives' of an act of war?

> while SPEWS MAXIMIZES false positives. We all know that 100%
>blocking of ALL mail is the only way to guarentee 100% blocking of all spam.
>As has been said before, SPEWS should just list 0.0.0.0/0 and be done with it -
>because, as implemented, it fails its goals.

Yet another Stussey Lie(TM).

What SPEWS actually fails to meet _Stussey's_ interpretation of SPEWS' goals.

Of course, a 'database' doesn't _have_ goals, it just _exists_, so one must
assume that Stussey means 'the people who established SPEWS'.

*THEIR* 'goal', is, however clearly stated in A1 in the FAW -- to protect
the systems *they* run. If it failed at -that- purpose, they would obviously
quit using it. and quit supporting it. Ergo it *is* fulfilling _their_
needs, and meating *their* design goals.

And Mr Stussey's claim to the contrary is pure fiction.

>> >What they say is that they don't like the time lag between a spammer
>> >starting a spam run and the time it takes to list the spammer in a database
>> >- so they will list these spammers [sometimes even] BEFORE they spam
>> >(paraphrase of the third paragraph from SPEWS' home page). Therefore, what
>> >SPEWS lists are spammers and spam operations. One doesn't even find out
>> >that "spam operations" means the spammers' providers until one carefully
>> >reads the FAQ at Q&A 5 - and that's not even clear as it says that the
>> >netblocks were set up by known spammers - that is, an ENTIRE netblock listed
>> >is a spam source, even if it hasn't spammed yet. The FAQ doesn't actually
>> >say that the provider (ISP) hosting a [non-terminated] spammer is a "spam
>> >operation" until FAQ Q&A 6. This is counterintuitive to the common
>> >definition of what most people consider a spammer. FAQ Q&A 21 states that a
>> >"level 1 listing" is of netblocks that have "few or no legitimate
>> >customers." That's effectively calling EVERY address in those netblocks
>> >spammers.
>>
>> You lie. You admit the information _IS_THERE_. Not as clearly as you desire;
>> Not as prominently as you desire, perhaps, buy you did admit that it *is*
>> there.
>
>That's not a lie.

You admit the information is there. Yet your claim that it is *not* there
is "not a lie". Riiiiiiiiight! *snort*

>> You can't even *quote* published data without maliciously distorting it.
>>
>> The SPEWS FAQ "Q&A 21" does *NOT* say that listed blocks "have" (your word)
>> few or no legitimate customers, but blocks where few or no such customers
>> have been DETECTED. Whether or not you choose to admit it, there is a
>> significant difference between those two words.
>>
>> If you read the FAQ Q&A1, it should be obvious that the SPARTICUS group has
>> access to fairly extensive "means" for 'detecting' legitimate e-mail senders
>> in any particular address-space.
>
>Utter BS. There's no way that they can detect ANY such mail from any of these
>legitimate users in the absence of being the recipient of the mail or having
>the mail pass through their own equipment (packet sniffing included).

Lessee, it is "utter BS" several 'system administrators, ISP postmasters,
and other service providers' might have large volumes of mail that "pass
through their equipment", to detect legitimate mail-senders with

Riiiiiiiiiiight!

> All that
>is is just another SPEWS-fallacy so that they can justify calling everyone in
>the netblock spammers because they "didn't know they were there."

Yet another Stussie Lie(TM).

>> The people/addresses that _do_not_ send e-mail directly from that address-
>> space are *not* part of the equation. Even by _your_ standards SPEWS never
>> 'defames' any of _those_ people, because *NOBODY*EVER*ASKS* for an opinion
>> about those addresses. Since no opinion is ever offered, _regardless_ of
>> whether an expressed opinion _might_ be considered defamatory, The absence
>> of the expression of that opinion means that no *possible* defamation
>occurred.
>
>See above.
>
>> >BTW, since legitimate senders don't spam, and SPEWS claims that they
>can detect
>> >legitimate senders (a necessary implication of FAQ Q&A 21), just HOW do they
>> >detect these legitimate senders if none of them ever sends any e-mail
>to anyone
>> >affiliated with SPEWS?
>>
>> Do you know what the word 'detect' means? And what that requires, above and
>> beyond that it 'exist'?
>>
>> Do you understand the difference between "not detected", and "not existent"?
>
>Do you understand the meaning of the word "assumption?"
>
>> Do you suppose it possible that an ISP postmaster might have an arcane object
>> known as a "log", that records addresses of the systems that send mail to
>> his customers?
>
>Do you suppose that there may be mail servers in the world that have never sent
>mail to a given host and therefore won't appear in those logs?

Of course there may be such. And BFD applies. "perfection" is _not_ an
operational necessity.

> That does not
>make them spammers, yet SPEWS ASSUMES they would be because these hosts would
>not be among the "few legitimate senders detected."

Yet another Stussey Lie(TM).

>> And, _who says_ that nobody ever sends any email to anyone affiliated with
>> SPEWS? The FAQ Q&A1 makes it quite clear that 'at least some' of the
>> SPARTICUS group deal with incoming e-mail as a regular part of their daily
>> work.
>
>Are you saying that the "Sparticus group" runs SPEWS or knows who does?
>
>> Purely as a hypothetical, say that one of the SPARTICUS group was employed by
>> a _large_ mail-hosting operation -- "AOL" for instance, or "bluewin", or
>> "British Telecom", or maybe "outblaze", as a mail-admin, Do you suppose,
>> that in that scenario, they just _might_ have a d*mn good idea where most of
>> the active mail-servers in the entire _world_ are? Based simply on the
>> records of where 'legitimate' mail inbound to their system comes from?
>
>Knowing where the most active servers are

Is it that you can't read, or do you *deliberately* mis-interpret, mis-quote
people?

Knowing "where most of the active servers in the world are" is a far cry
from 'knowing where the most active servers are".

> is not the same as knowing that the
>non-spamming addresses in a given netblock don't have [outbound] mail services.

>
>> You don't understand what you read; you make up interpretations not actually
>> supported by the facts, and claim they are gospel written _by_ SPEWS.
>>
>> Review the reason for the construction of the system. For them, collectively,
>> to protect _their_ systems. They owe _no_one_ any explanations of why they
>> do what they do, in the protection of *their* systems.
>
>They aren't the only ones using their list.

BFS applies. A thing is offered "as is, where is"; "caveat emptor" applies.

>> > To me, logically it would seem that there is a non-spammer
>> >population in the block that is a clear majority (hardly the "few or no[ne]"
>> >standard) wouldn't even be detectable by SPEWS. However, in order to claim
>> >that these non-spammers don't (or rarely exist), SPEWS either has to have a
>> >method of detecting them - OR has clearly lied about their non-spammer status
>> >by calling them additional spammers. [DNS entries aren't enough - as that
>> >doesn't distinguish between spammers and non-spammers.]
>> >
>> >> Spammers *DO* flock to 'where they are not unwelcome'. This is *well*
>> >> established. Spammers spend lots of time telling each other where such
>> >> places are.
>> >
>> >As I am not a spammer, I cannot confirm nor deny this. Apparently,
>you can....
>>
>> You are thus proving that you are "ignorant", as well as "stupid".
>
>NO - I implied a valid conclusion that you are a spammer. Obviously, if you
>weren't, you should have been so offended to "fly off the handle." As you
>didn't, perhaps my conclusion was correct.

I've been called far worse things, by a far better class of people.

*YOUR* ethics are clearly suspect --
You hae no qualms about publicly defaming someone based on your own
unsupported-by-facts speculations.

Yet you castigate SPEWS for committing what you consider to be similar
defamation. Obviously "do as I say, not as I do", applies.

>> There is published record in NANAE showing messages captured from spammer
>> bulletin-boards/web-sites demonstrating _exactly_ that.
>
>I haven't detected that spammers were talking about me! Where have you seen
>this? I must have missed those posts.

Lessee, the assertation was made:
'spammers do flock to places where they are "not unwelcome", ...
Spammers spend lots of time telling each other where such
places are.'

And you propose to rebut that with an assertatoin that spammers haven't
been talkig about _you_.

Are you asserting that your operation is one that qualifies, in your mind
at least, as one where spammers are "not unwelcome"?

>
>> Many times over. over a period going back years. See the "DHS Club" history
>> and "bulkbarn" references, just to name a couple.
>
>Very interesting - as I didn't start reading NANAE until about 3 years ago....

Reports concerning the DHS club "sharing" of 'spammer-friendly provider'
contacts are probably within that range.

Your lack of awareness/knowledge of history establishes what you "don't know".

>> >> The *continued* presence of _one_ spammer is a definite indicator that
>> >> spammers ARE 'not unwelcome" in that address-space.
>> >
>> >Not necessarily. It could be that everyone assumed that everyone else has
>> >already reported them, so no one does. ("Starvation")
>>
>> Which is why I said "indicator" not "proof". "Proof" it is not, for the very
>> reason you point out. "Indicator" it *is*.
>>
>> Networks where spammers are truly 'NOT welcome" tend to run various kinds of
>> instrumentation for monitoring and logging 'suspicious' activity. Spam
>> _origination_ -- on anything beyond the most trivial scale -- tends to have
>> *very* distinctive 'signatures', ones that are easily recognizable. A
>> relatively small amount of additional analysis, and there is enough info
>> "in hand" to justify 'pulling the plug'. *WITHOUT* need for _any_ 'external'
>> reports.
>
>So, you're saying that in the ABSENCE of a complaint, that ISP's regularly
>monitor the CONTENT of the traffic sent over their bandwidth???? Do you
>realize how much computing hardware must be used just to do that? Even with a
>single T3 line (45Mb/s+), adjacent TCP packets in a "connection" could have
>several thousands (or even hundreds of thousands) of other packets between
>them. I've never heard such a ludicrous claim before....

Mr. Stussey again demonstrates that he "doesn't know what he doesn't know".

Yes, many providers _do_ do many kinds of traffic analysis on _all_ the
packets that pass through their network.

Yes, it takes some pretty big hardware. two sets of 'pretty big' hardware,
in fact. One for the 'raw data capture' and reduction, and the other one
do do the analysis.

Yes, they *do* deploy that kind of hardware for the tasks.

They even talk about it, to other network operations people. How much
hardware it takes, How to deploy it, with the least impact on network
performacne, How much data it generates, and reduction techniques for
extracting the 'useful' stuff.

'Spammer identification" is a several-step process:
1) you monitor traffic _volume_ by address *and* port.
you see "excessive" port 25 traffic involving a particular address
2) when those alarms go off, you enable 'deeper' analysis of
that traffic. e.g., capturing packet content for analysis of headers,
looking for 'virus' stigmata, etc.

>> >> Thus the ongoing presence of a _detected_ spammer *DOES* make for an
>> >> increased probability of more spammers in that neighborhood.
>> >
>> >So you say. The ongoing presence can equally prove the "starvation" case I
>> >just cited above. You need some independent evidence to distinguish
>> >these two cases.
>>
>> FALSE claim.
>>
>> The continuing presence is _not_ proof that the network _is_ spammer-friendly.
>> It IS proof, however, that the network is *not* _actively_ spammer-UNFRIENDLY.
>> An _actively_ spammer-unfriendly network runs systems that can detect a
>> significant spam-run, set off alarms, =and= provide sufficient data for
>> 'action', *without* the need for any 'external origin' reports.
>
>Same BS as above.

Stussey again demonstrates that he "doesn't know what he *doesn't* know".

That "BS" that just happens to be _factually_ true. Just last week, on a
mailing list for network operations personel, a staff-person from one
provider was asking about recommendations for deploying _network_wide_
pro-active monitoring of _exactly_ that sort. Staff at a number of other
providers offered 'configuration advice'/'tool recomendations'/'hardware c
apabilites'/etc. based on what they *currently* had deployed.

>> The continued presence of the confirmed spammer establishes _without_doubt_
>> that the provider is *not* running such systems and/or is not acting on alerts
>> from those systems.
>
>Finally, you said something not completely stupid.
>
>> "Proof" is _not_ required. But, if you want to split hairs on that point,
>> The actual presence of a single spammer *IS* _proof_ that the provider did
>> not exercise "sufficient" due diligence in checking out the customer before
>> accepting their business.
>>
>> Network operators are fully capable of gathering sufficient data for 'action'
>> without _any_ external origin reports.
>
>...But have no reason to do so without a complaint.

Mr. Stussey again demonstrates that he "doesn't know what he *doesn't know."

>> >> When you have identified a location as being that of a "crack" house the
>> >> probability g *does* go up that anybody you run into in the vicinity of
>> >> that house *is* a crack user.
>> >
>> >But that does not mean that EVERYONE one runs into is a crack user. The
>> >analogy that SPEWS is using is that everyone IS, not that there's a higher
>> >probability of encountering one.
>>
>> Strange, I cannot find those words "everyone IS" on their website, anywhere.
>
>You are correct. They say it by saying that there are "no legitimate senders"
>- and therefore, everyone must be a spammer. They use a negative to conclude
>that.

Yet another Stussey Lie(TM).

>> What you claim is nothing more than your "interpretation" of what their
>> intentions are. Unless you _are_ SPEWS, you don't know what SPEWS' intentions
>> _really_ are.
>
>Then SPEWS should rewrite their FAQ and web pages to remove any ambiguity.

Yes, it would be "nice" if they were to do so.
For reasons known best to them, they choose not to.

>Everything I have about their intentions came from what they said.

Everything you have said regarding their intentions is "one *possible*
interpretation" of their remarks. It is not the _only_ possible
interpretation of those remarks.

GIVEN that multiple possible interpretations exist, there is no _factual_
basis available for preferring one over the other.

Asserting that one particular interpretation "must be true". only shows the
bias and intellectual dishonesty of the the party making the claim.

>> SPEWS asserts nothing more than "it's not worth the trouble of making a more
>> detailed determination -- the odds are 'unacceptably high' that this message
>> is spam."
>>
>> >> The same thing applies to 'spammer friendly' neighborhoods.
>> >
>> >No dispute there.
>>
>> You now agree that 'someone in a spammer-friendly neighborhood *is* more
>> likely to be a spammer'.
>>
>> >Wrong: Nothing in SPEWS' web site discusses probabilities.
>>
>> NOTHING in SPEWS' web-site says that _all_ the listed addresses WILL spam,
>> as you claim it does.
>>
>> Anyone with any understanding of "early warning" systems -- systems that alert
>> *before* an event happens -- would be aware that such systems *must* work
>> on probabilities; The 'fact' of the event that they are alerting about has
>> _not_ happened yet, and -- absent the dissolving of some of Dr Asimov's famed
>> "thiotimoline" -- there is simply *no*other*possible*way* for such for such
>> systems to operate.
>
>However, the probability must not be zero. Since all these other addresses
>(in a netblock) have NOT been detected as spammers (and generally, we can
>determine - although not absolutely - which addresses are assigned from DNS
>records), the probability that they will become spammers is very LOW (and
>itself may be zero - until the address is reassigned). SPEWS is saying exactly
>the opposite, but lacks a reasonable basis to back its view.

>
>> >> FACT: if you have a "small" spammer (sending only 100k spam messages/day)
>> >> sitting on one address, and 255 'good' users (sending 50 legitimate
>emails/day
>> >> each), occupying the other addresses in that /24 block, the odds of
>a 'random'
>> >> email received from "somewhere in that block" being spam are roughly 9:10.
>> >
>> >However, in that case, SPEWS should list the SINGLE spammer address and NOT
>> >LIST the /24 netblock which includes MANY non-spamming addresses (quite far
>> >from the "few or no[ne]" standard SPEWS claims it applies).
>>
>> Why? Serious question, _why_ should they do that? If the probabilities
>> are 80% (or better) that _any_ message from that /24 is spam, WHAT IS WRONG
>> with declaring "it is too much trouble to try to sort out the good stuff from
>> the bad stuff, so I'm going to reject _all_ of it"?
>
>In your example, the probability never reaches 80%. It in fact stays at less
>than 1% (exactly 1 in 256). The volume of mail is irrelevent to the
>computation of the probability. It is only the source IP address that counts -
>because that is what is evaluated - it's the sole criterion.

Yet another Stussey Lie(TM)
Yet another Stuusey Fraudulent Statistic(TM)

If I recieve 10,000 pieces of mail from an address-block -- 9,999 of them
spam, coming from 1 address, and 1 'legitimate' one from a 2nd address, then
99.99% of the _messages_ I received from that address-block *are* spam.
The probability that "any arbitrary message" received from that netblock
is spam is 99.99%

Yes, only 50% of the _sources_ are generating spam, but 99.99% of the
_messages_ are spam.

>> A query of the SPEWS database is nothing more than "is this address listed
>> in the database?" and the answer is nothing more than "yes/no".
>> A 'yes' answer means *NOTHING*MORE* than "that address is in an area on the
>> Internet that several system administrators, ISP postmasters, and other
>> service providers have chosen to deny email and in some cases, other network
>> traffic, from."
>
>...On the grounds that it is a spam source, since that's HOW the list is used.

Yet another Stussey Lie(TM)

Not "IS a spam source",
just 'has an unacceptably high probability of being one".

>> >In SPEWS' view, it may very well have a higher probability of being -
>but that
>> >does not mean that it actually is. Furthermore, on a per-address basis for
>> >your /24 example above with 1 spammer and 255 non-spammers, the
>probability for
>> >any mail from that netblock being spam is still 0.391% spam and 99.609%
>> >NON-SPAM should the entire netblock be listed. Remember that
>quantity doesn't
>> >matter as the only criterion checked is the source IP address.
>>
>> Are you really _that_ ignorant of basic statistics?
>
>No. Apparently you are. It's not the VOLUME of the mail (which you correctly
>state below does equate to the NUMBER OF LOOKUPS performed). It's a matter of
>WHAT one looks up. The correct item to enumerate across for computing the
>probability is the IP address - and that is 1 in 256 in your example. It
>doesn't matter that one address is looked up more often than the others. The
>probability of ANY address in that block remains the same.

The probability of _messages_ being spam is proportional to the volume of
messages being recieved. The problem with spam _is_ that they generate
thousands, if not millions of times more messages than 'legitimate' sources
do.

>
>In coin flipping, the probability of heads vs. tails is 50% for each. It may
>be astronomical to have 100 heads in a row, but the probability for heads
>showing up on the 101st flip REMAINS 50%.
>
>> There are 100,000 spam messages flowing from 1 address, and 50 non-spam
>> messages flowing from each of 255 other addresses ("non-spam" total 12,750)
>> This means that there are a grand total of 112,750 messages/day flowing
>> out of that netblock.
>> For the sake of simplicity, postulate that they go to 112,750 different
>> users, at 112,750 different places.
>> This means that there are 112,750 _separate_ spam-detection tests done.
>> 88.7% of those tests come up 'spam positive'.
>> 11.3% of those tests come up 'spam negative'.
>> 88.7% of _all_ the mail out of that block tests "spam positive'.
>
>However, that isn't the probability of any ONE message being positive.

The probability of any one message being spam is *precisely* the the
fraction of _all_ messages that _are_ spam.

> That
>probability REMAINS 1 in 256 (for your example). Across those 256 sources, the
>probability is 100% from the single spammer and 0% from the other 255 users.

The probability of any particular _source_ being spam is not the same as
the probability of a particular _message_ being spam.

>> Thus the probability of _any_given_message_ from "somewhere" (exact location
>> unknown/unspecified) in that address-space returning 'spam positive' is 88.7%
>
>Invalid conclusion. History does not equate to probability. In the coin
>flipping analogy, it doesn't matter how many times one flips the coin: the
>probability of the outcome is not dependent on (or altered by) the history of
>what happened before. You have introduced a factor that doesn't belong there.

You don't know statistics.

If the _only_ data you have to work with shows a record of all occurances
of one selection from a binary-valued set, then the *correct* estimation
of probability _from_that_data_ is that _that_ choice will occur 100% of
the time.

>> You under-state the probability of any given message from that space as
>> being 'spam', by a factor of more than 226:1.
>
>Actually, you're overstating it - because you are trying to include a factor
>that has no bearing on the outcome of the test. The test is: What IP address
>is this from - the spammer or the non-spammers. Solely based on that, the
>probabilities are: Spammer - 1 in 256, and non-spammer - 255 in 256. It
>doesn't matter that the spammer sent out 226 times more mail; that's not what
>you're measuring. You're measuring the source address. That's all.

I'm mesauring the probability that the _message_ is spam.
Not the probability that the message source is a spammer.

>> Note: in the 'real world', there are more likely to only a handful of
>> users in that netblock that send outgoing mail directly from those addresses.
>> Postulate that there are 10 such (probably a high estimate). You now have
>> only 500 'legitimate' emails, to go with the 100,000 pieces of spam ones.
>> 100,000 spam/100,500 total gives a probability of 99.5025% that any given
>> message out of 'anywhere' in that netblock will be 'spam positive', and a
>> whopping 0.4975% that it will be 'spam negative'.
>
>Not relevent. Volume of the mail sent doesn't alter the probability of the
>SOURCE of that mail.

>> >> >> > [We all know they have none. They prefer to defame these non
>> >> >> >spammers than to tell the truth.]
>> >> >>
>> >> >> How is it defamation to claim that, for instance, MCI owns a chunk of
>> >> >> IP space that MCI owns?
>> >> >
>> >> >It is when they (SPEWS) claims that the space is 100% spammer
>source without
>> >> >proof that each and every address in that space is individually a spammer
>> >> >souce. SPEWS makes its claim based on as little as 1% or 2% of the
>> >space being
>> >> >a confirmed spammer.
>> >>
>> >> You lie. SPEWS makes no such claim.
>> >
>> >Yes, it does - when it says "few to no legitimate users detected."
>>
>> You continue to lie.
>
>I didn't write the phrase. It's SPEWS' own choice of words.

It is only _your_ *interpretation* that "the space is 100% spammer source"
is implied by those words. The decomposition of that compound remark
to an alternative that reads "few legitimate users detected' *disproves*
your assertation.

You _do_ continue to lie when you insist on a disproven assertation.

>> Or you have no clue as to what the word "detected" actually means.
>
>Wrong. In order for their statements to be true to intent and NOT MISCLASSIFY,
>SPEWS must have a way to detect any and every mail server that exists in the
>block. An implication of their statement is that they have to TRY to detect
>the legitimate users that exist. Simply passively ignoring them won't do.
>
>> The quoted statement makes *NO* CLAIM WHATSOEVER about any user for whom no
>> activity was detected.
>>
>> Just incidentally, if 'detection' did show 'a few' legitimate users,
>> your assertation that SPEWS claims that the space is 100% spammer space
>> would be remain a total fabrication, and defamatory misrepresentation.,
>
>An impossibility - since SPEWS can't detect legitimate users in the general
>case. It can only detect such users that actually communicate with the SPEWS
>operators (as stated above).

Yet another Stussey Lie(TM)

SPEWS operators have access to records of communications *not* directed to
themselves.

>> How many times have you seen *more*than*one* customer show up here, with
>> complaints about the _same_ address-block? (in the entire life-span of
>> nanae, I can recall only two cases, and in each case it was only two
>> customers. I have -never- seen three 'unique' complaints about the same
>> address-block)
>
>And how often have you seen a network operator for an ISP ask what an RBL is?
>That has happened in the past 6 months. For anyone to "show up" on NANAE with
>a complaint, they have to identify that SPEWS is the list that was used, read
>the SPEWS' FAQ, and believe in the [misleading] information that posting to
>NANAE will do any good(*). An alternative solution may be that the SPEWS-using
>administrator simply whitelists the blocked domain/address - end of problem.
>
>[* - Remember that SPEWS also says that posting to NANAE does no good as a
>complaint is insufficient. It is suggested only for the psychological reason
>of giving the frustrated person a place to vent.]
>
>> How many times does one see "I'm blocked by SPEWS" postings that do _not_
>> start out with something similar to "I just got these addresses from my new
>> ISP and...."?
>>
>> Those pieces of data, while not conclusive, *do* tend to suggest that SPEWS
>> does do a fairly good job of "limiting' the number of legitimate users
>> in the listed blocks, *when* they list them.
>
>It also demonstrates that SPEWS does not remove addresses, even after the
>spammers are terminated and thus the addresses were available for reassignment
>let alone actually reassigned.

"Assumes facts not in evidence." to wit, it assumes that the spamer _was_
terminated. As opposed to, say, a 'customer who doesn't send direct email'
changing provideers, and a 'new customer who does use email' getting those
addresses.

> As previously stated by me, since one cannot
>contact SPEWS, there is no way to inform them of the termination of a spammer -
>so no listing will ever be removed. A spammer simply missing SPEWS' spamtraps
>does not equate to his termination.

The facts demonstrate that your oft-repeated claims in the above paragraph are
not consistent with reality. Thus your reasoning must be in error.

>
>> >Obviously, the purchasers didn't remain anonymous if the seller can identify
>> >them by repeated visits to the seller's premises.... That was the customer's
>> >choice - to repeatedly visit. [Your standard doesn't apply.]
>>
>> You are an ignoramus. The seller is expressly _not_allowed _to retain any
>> identifying information that would _let_ them identify them as repeat
>> customers on 'repeated visits'. Unless the customer _permits_ it, the
>> merchant must act as if they had "never seen that customer before", even if
>> he's been coming into that shop every day for 10 years.
>
>What a joke. Obviously not true for "mail order," "club/membership stores",
>etc. I can go on, but with you, there's no point.

READ THE DAMN LAW. Before claiming you know what it does or does not allow.

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 15.06.2005 21:11:13 von Moris

"D. Stussy" wrote in message
news:Pine.LNX.4.62.0506150717240.71@kd6lvw.ampr.org...

D. Stussy: Can you please contact me at my yahoo e-mail address, if
you can? Thanks.

[You are doing a stellar job in taking on whatever is left of the
spews fanatics.]

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 16.06.2005 01:06:27 von sethb

In article ,
D. Stussy wrote:
>On Fri, 10 Jun 2005, Seth Breidbart wrote:
>> In article ,
>> D. Stussy wrote:
>> >On Tue, 7 Jun 2005, Seth Breidbart wrote:
>> >> In article ,
>> >> D. Stussy wrote:
>> >> >On Fri, 3 Jun 2005, Seth Breidbart wrote:
>> >> >> In article ,
>> >> >> D. Stussy wrote:

>> So you admit they didn't actually make that claim, but you're
>> interpreting part of their name as being that claim?
>I admit that they state that every IP in a listed netblock is a spammer, given
>infinite time (if not previously or currently observed to be).

Where do they state that? Give the exact URL on their site.

Or are you making up statements and claiming SPEWS makes them, again?

> However, there
>is no way they can ever prove that.

Since they never said it, who cares?

>> > It is their position to list the entire IP space of a provider on
>> >the grounds that if a particular subspace of the provider's addresses
>> >hasn't spammed and isn't spamming, it WILL be spamming in the [near]
>> >future.
>> Can you list some providers whose entire IP space was listed? They
>> don't list all of SBC or MCI, for instance (to list two of the most
>> spammy networks around).
>Their very policy is proof enough.

You claim something is their position. When I point out two major
countexamples and ask you for some examples of your claim, you change
"position" to "policy" and attempt to use your own statement as
"proof". You lose, again.

>> > That classifies the ENTIRE address space as a spam source.
>> Where do they say that? Oh, right, they don't, you invented it from
>> the phrase "Early Warning".
>Their FAQ says that too.

Where?

> Failure to terminate a spammer means that they expand
>their listing until ALL of the provider's netblocks are listed.

That's right. But that doesn't say that all the provider's netblocks
are spam sources, just that they will be listed.

>> > That is SPEWS' sole reason for existence.
>> What is? Listing the entire network space (which they seldom do) of
>> spammy providers? Where do they say so? Or is that another invention
>> of yours, perhaps based on their name?

Can't answer, huh?

>> >What is their proof that these additional address blocks that haven't or aren't
>> >spamming will ever spam?
>That's my point:

Talking to yourself again?

> SPEWS CAN'T prove it, yet their design assumption is that
>these blocks will, so they list them.

They don't make that assumption, you invented it.

> SPEWS mistakenly believes that the
>maximization of the collateral damage they cause (by use of their list by
>others) by intentionally expanding their listings beyond just the spammers will
>have an effect. It doesn't

Except when it does, as we've seen in this very newsgroup.

> - and we know it by the fact of any listing of an
>entire netblock that has been in place longer than a year.

That only proves that it doesn't _always_ have an effect _in under a
year_. Sometimes it takes several years. Sometimes it might never
work. But sometimes it does work.

>> Where is the claim that they will ever spam?

Well? Where is it?

>> > There is no such proof - thus the defamation
>> There is no such claim, hence no defamation.
>Read their premise. That's the claim. Third paragraph of their home page:
>"SPEWS identifies known spammers ..., sometimes even before they start
>spamming."

If they've spammed before, and now have a new netblock, they're still
spammers, even if they haven't started spamming from their new
netblock yet.

Is that too complicated for you to understand?

>> > of the character of the ISP's other customers by calling them
>> >spammers has occurred.
>> You're the one calling them spammers, SPEWS doesn't. SPEWS calls them
>> customers of a provider that willingly provides services to spammers.
>> That doesn't imply that all of the provider's customers are spammers.
>The purpose of the list and its use does imply such,

No, it doesn't.

> and you know it.

Forgetting to put on your aluminum foil cap doesn't enable you to read
other people's minds.

> The list
>is [primarily] used to block spam sources - and thus any source listed therein
>is PRESUMED to be a spam source by the user of the list,

The fact that a user makes a presumption is relevant to what, precisely?

>> Qwest provides phone service to murderers. That doesn't say anything
>> about _all_ of Qwest's customers, now does it?
>...But you don't assume that because someone is one of Qwest's customers that
>they are a murderer.

That's right.

> With SPEWS, people DO assume that any IP address listed
>IS a spam source.

So those people are wrong. Lots of people are wrong. Starting with
you.

>> >> >> > Had they made that distinction, they might(*) have gained
>> >> >> >some respect and legitimacy.
>> >> >> >(*) - A very small probability, like 1:10^64.
>> >> >> So why would it be worth doing since it would have essentially no
>> >> >> effect?
>> >> >How do you know?
>> >> You're the one who claimed 1e-64. I know that that's a very small
>> >> number because I can do arithmetic.
>> >So, are you confirming that the chance that SPEWS could ever be respectful or
>> >legitimate is so remote as to be negligible?
>> No. I'm pointing out that your own argument lacks consistency with
>> your earlier statements.
>Apparently, you're too stupid to undertstand sarcasm when it stares you in the
>face.

You're too stupid to use it properly.

> SPEWS will never have any respect because of all the non-spammers they
>list.

Was that supposed to be an example of sarcasm? SPEWS already has lots
of respect (if the identity of its admins ever became known, they
wouldn't be able to buy themselves a drink for the next century).

> Their practice has been in place too long for any change to have an
>effect. They lost their credibility - due to listing the non-spammers without
>distinction.

They apparently have as much credibility as they want.

>> >> Then those people are using the wrong tool. There are people who
>> >> decide to use a sledgehammer to JUST crush a mosquito and NOT destroy
>> >> the wall it's sitting on; they aren't likely to succeed, either. But
>> >> the fault is that of the person who chose the wrong tool, not the
>> >> tool.
>> >No kidding. However, there are people who are.
>> So what?
>That use harms parties other than the spammers themselves.

Yes, it also harms parties who help finance networks that allow
spammers. Harming such parties doesn't bother me.

> Shifting one's spam burden onto a third party is never justified.

That's C/R, which I don't do (and as far as I know SPEWS doesn't
either).

>> > They simply see SPEWS among the lists of available DNSBLs (where
>> >the others list only spammers, or only open relays, etc.) and ASSUME
>> >that SPEWS is another spammer list.
>> What about the lists (like blackholes.us) that list all IP addresses
>> in various countries, or all owned by specific companies, etc.? Or
>> what about the lists like nofalsenegatives.stopspam.samspade.org?
>They're almost as bad.

Why is it bad to tell true statements?

> The only difference is that one KNOWS what one is
>blocking when using the country-based lists.

What about nofalsenegatives.stopspam.samspade.org?

>> >> > SPEWS claims that ALL of the IP addresses listed are spam sources
>> >> Where do they claim that? Which number answer in their FAQ?
>> >Their PURPOSE statement
>> Where is that statement? I didn't see it on their website.
>It's on their home page. I quoted it above (in this reply).

The word "PURPOSE" does not appear on the SPEWS home page.

>> > - and the definition of their name says that.
>> Oh, you mean _your_ definition of their name.
>Sorry. I did not create SPEWS, nor its acronym. Their definition is stated.

No, the words in the acronym's expansion are stated. The meaning you
choose to accord them is your own interpretation.

>> >> >- and justifies the listing of those IPs that haven't actually spammed
>> >> Congratulations! You have just won the Boursey award for
>> >> self-contradiction.
>> >Exactly
>> Congratulations again. You're the first winner ever to _accept_ the
>> Boursey award.
>Apparently, you're too stupid to understand a proof by contradiction.

You don't prove anything by contradicting yourself.

> It's
>used in mathematics and logic all the time to prove an assumption false. I
>used it here to prove SPEWS' assumptions (in their design philosophy) as false
>and fatally flawed.

You make false assumptions, and show that they contradict actual
statements, and then claim that proves someone else wrong? Logic
doesn't work that way.

>> > - the contradiction is the proof of the problem. The assumption was
>> >that ALL the addresses in the ISP's range will spam if they haven't
>> >already: A conclusion that they cannot prove.
>> Why should they prove a conclusion that you made up?
>I didn't make it up. They stated that all IP addresses listed, if not already
>spamming or having been used by spammers, will spam.

No, they didn't.

>> >> > by saying that they WILL (cf. "Early Warning" from its name).
>> >> Or at least that they might, or are more likely to than
>> >> randomly-chosen other IP addresses.
>> >"Early warning" requires that the condition that is tested for be true - and
>> >not a false positive.
>> So you claim. They don't.
>False positives, by definition, do not comprise a successful "early warning"
>system.

But they can be inherent in one. An early warning system against
burglary might be something that detects when somebody walks onto my
lawn. It will have many false positives, and will also serve as an
early warning system.

> You've just proven my point once again.
^dis

>Legitimate mail can come from ANY spam source.

So what?

> SPEWS claims that these are
>spam sources, past, present, or FUTURE,

No, it doesn't.

> and on those grounds (including the FUTURE), it deserves to be blocked.

Where does it say "deserves"?

>I'd still like to know HOW one determines that a given IP address IS a spam
>source before it's ever been used to send spam. SPEWS makes that claim.

Where? Oh, right, your own invention again.

>By saying that the listing WILL be used by spammers, they do make the claim.

SPEWS doesn't say that, you do. Does that mean you're claiming to be SPEWS?

>> "SPEWS is a list of areas on the Internet which several system
>> administrators, ISP postmasters, and other service providers have
>> assembled and use to deny email and in some cases, all network traffic
>> from." That's the first paragraph on the front page of their website.
>
>...And just how are these groups of people supposed to contribute their input?

You mean the ones who are SPEWS? Presumably, they know how to reach
each other.

>SPEWS CANNOT BE REACHED

by the general public.

>> >> Where do you get the idea that their evidence files provide all the
>> >> evidence they have? It's easy to show that they don't.
>> >So, you're confirming that SPEWS is hiding something?
>> SPEWS lists spammers based on spam received at their spamtrap
>> addresses. They don't publish those spamtrap addresses; why should
>> they? Do you post everything you know, or are you hiding something?
>SPEWS issue #3: If a particular spammer hasn't hit their spamtraps in a while,
>how does SPEWS KNOW that the spammer isn't spamming other people anymore so
>that they can remove them from its listing?

Since the spammer doesn't know where the spamtraps are, it's a good
guess that if it stops hitting them, and doesn't get reported to
nanas, then it stopped spamming.

> [This only proves that SPEWS never
>delists - because there is no way to initiate a delisting.]

Observations of the SPEWS website and actual list shows that SPEWS
_does_ delist, so your proof has just been smashed by reality.

>> Recall notices are not sent via email, are they? There are good
>> reasons for that.
>20 years ago, no. However, the world has changed.

They still aren't.

>> >> >> Only a spammer invents implied consent for the provider of a website
>> >> >> to send email to anybody who reads anything on the website.
>> >> >The law does also.
>> >> That's a law written, bought, and paid for by spammers, right?
>> >Wrong. It existed before the use of the term "spam" was coined to describe
>> >junk electronic mail.
>> There was a law about providers of websites that early? Which law?
>I never said that it was written with the Internet in mind.

Which law was it?

> We already know
>that you can't think, so there's no point in explaining it to you.

That's your way of admitting you just lost the argument.

>> >Your proof that it can't contact its resource's users is: _________
>> Since SPEWS does not have permission, it would be sending Unsolicited
>> Bulk Email. That's spamming. I've told you that before. Why can't
>> you understand it?
>It's not unsolicited - implied consent cancels that quality.

Spammers invent "implied consent". I've read SPEWS website. That
doesn't give them my consent to send me email.

>> Oh, and furthermore, SPEWS doesn't even _have_ a list of the email
>> addresses of its users. That makes notifying them by email even more
>> difficult.
>That has already been addressed. I told you how they could identify their
>users - at least by the IP address used.

Which proves nothing. The IP addresses could be proxies. Data can be
(and is) further redistributed.

> They would simply mail to the
>postmaster mailbox (since that would obviously go to the mail admin at every
>site) pertaining to each domain that the DNS server (for the DNSBL versions of
>their list) belongs to. [That was clearly too difficult for you to figure out.
>Maybe you need to go back to kindergarten and re-learn how to think.]

Maybe you need to learn that IP addresses don't have postmaster
mailboxes.

>> >> >> Yeah, if you can get Internet access you can get to other email
>> >> >> providers no matter where you are. That doesn't help your argument
>> >> >> any.
>> >> >Written by someone who lacks the understanding of "hosting" services.
>> >> I understand just how easy it is to set up a colo box.
>> >Apparently not. I'm not talking about a SINGLE box. Try 20-50 at a time.
>> You need 20-50 boxes to send email? How much email are you sending?
>I never said that all those boxes are email servers. Obviously, you don't
>understand what colocation means.

If they aren't sending email, why should anyone care if their IP
addresses are listed by SPEWS?

>And you're too stupid to understand.

Still trumpeting your own stupidity, I see.

> When one PROVIDES hosting services,
>there's a business economy of scale to have those services located in one (or a
>very few places).

When someone competent provides hosting services, he does due
diligence first. Someone incompetent deserves to just go out of
business, so his difficulties are irrelevant.

>> Precisely my point. My server is co-located, and can be anywhere in
>> the world. I don't care who blocks my local connection provider; my
>> server doesn't, because it's MY SERVER. And since I did due diligence
>> before choosing a colo provider, its IP address isn't listed in any
>> blocklist (other than for being in the US, etc.)
>
>That's an oversight that shall be corrected soon. Maybe I'll set up the moron
>RBL, and you'll be the first listing.

Go ahead. Of course, first you have to find my colo box.

And then, nobody I care about is going to use the moron's RBL, so it
matters even less.

>Why you insist on talking about a single, colocated box, when I'm talking about
>rackfuls of boxes only shows how clueless you are. When one is a HOSTING
>PROVIDER, one needs to have PHYSICAL access (for maintenance purposes) to the
>boxes - and therefore they CAN'T be anywhere in the world.

When one is a hosting provider and too stupid to do due diligence in
one's choice of a provider, one deserves to go out of business. End
of problem.

>> >> So you only have to move one of them.
>> >You seemed to miss another point that is very subtile in the use of SPEWS:
>> >There are some who use the list to block access to WEBSITES and other services
>> >hosted at any listed IP address. Moving just the mail server may not be
>> >sufficient.
>> So you web browse from the servers? OK, relocate two or three of
>> them: one mailserver, one or two proxies.
>Wrong. The list is used to block requests TO the servers (usually at the
>firewall level).

Really? By whom? But you can still get by with a couple of proxies,
just inbound instead of outbound. (Of course, your bandwidth costs
will increase, but see above about due diligence, competence, and
expected business lifetime.)

>> >> Me, personally? I'd have them all at one facility; but then, I'd have
>> >> done my due diligence (you have heard that term before, haven't you?)
>> >> before choosing that facility, so I wouldn't be blocked due to
>> >> choosing a spam-friendly hosting facility.
>> >...And prove to me that you know of EVERY list and EVERY DNSBL that exists on
>> >the Internet for you to demonstrate that due dilligence was done....
>> Of course I don't. But I do know how to find the ones that are
>> important to me.
>So, just how do you expect to have ANYONE meet the standard of due dilligence
>you defined?

I just did.

> You've just stated that even you can't demonstrate it for your
>own choice(s).

Wrong. I did it. Others have done, and will do it. It isn't hard,
except apparently for you.

>> >The reality is that you can only check those lists you know to exist.
>> Well, no. There are several websites that automatically check lots of
>> lists. Some of them check lists I'd never heard of before.
>...For you to use one of those, you KNOW the site with the meta-check exists.
>However, you still don't know (and can never tell) that you have reached every
>RBL in existence.

I don't care about reaching every RBL in existence.

>Furthermore, based on that, if you had never previously heard of SPEWS, would
>you simply think that it's another RBL listing [just] spammers?

No, I wouldn't know what it was, if I never heard of it.

> Short of visiting their web site (assuming a link or URL were made
>available), of course you would NOT!

So much for your arguments about defamation.

>> But there's a simpler method: if google never heard of it, it's
>> unlikely to have enough users for me to care about.
>Wrong. Google doesn't claim to have spanned the entire Internet (or even 50%
>of it). There's still alot missing from their indices.

Find a DNSRBL that google doesn't know about, which has enough
mailboxes behind it for me to care about. You can't? That
demonstrates my point.

>> >> >Wrong. It was precisely the case in my locality in 2002, just after a few
>> >> >hosting facilities went bankrupt after the 2001 stock-market bubble burst.
>> >> So use a hosting facility that isn't so local. You can reach it via
>> >> the Internet. You have heard of the Internet, haven't you?
>> >Not possible when one maintains one's OWN equipment.
>> Then you have to make some hard decisions. Life is like that. You're
>> the one who chose to live where you do; if some services aren't easily
>> available in your location, whose problem do you expect that is?
>Right - and I've made the hard decisions. However, the decision reality and
>what SPEWS ASSUMES is true are opposites. SPEWS assumes that a person can
>always find a non-SPEWS-listed provider.

Or put pressure on a SPEWS-listed one.

>> > Anyone who uses SPEWS to block mail from a source listed therein
>> >which is not the actual spam-source that initiated the listing is
>> >defaming the non-spamming source by calling them a spammer when they
>> >aren't.
>> You can't prove that claim. Someone can use SPEWS to block mail, and
>> all they are saying is "The emitting IP address is listed in SPEWS."
>> That doesn't imply that the sender is a spammer. Further, someone
>> using SPEWS to block email is sending the message (part of the 550)
>> only to the sender. It is not actionable for me to call you anything
>> if the only person who hears me is you; in order for any sort of
>> defamation to be actionable, it must be communicated to a third party.
>I don't have to prove that claim. SPEWS itself made the claim.

No, they didn't. You invented it.

> They have the burden of proof on the issue.

Only when a court says so. Got a ruling? I thought not.

> SPEWS says that all the IPs they list have been,
>are, or WILL BE spam sources.

No, they don't.

Seth

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 16.06.2005 03:15:35 von Moris

"Seth Breidbart" wrote in message
news:d8qc9j$262$1@reader1.panix.com...
> In article ,
> D. Stussy wrote:
> >On Fri, 10 Jun 2005, Seth Breidbart wrote:
> >> In article ,
> >> D. Stussy wrote:
> >> >On Tue, 7 Jun 2005, Seth Breidbart wrote:
> >> >> In article ,
> >> >> D. Stussy wrote:
> >> >> >On Fri, 3 Jun 2005, Seth Breidbart wrote:
> >> >> >> In article ,
> >> >> >> D. Stussy wrote:
>
> >> So you admit they didn't actually make that claim, but you're
> >> interpreting part of their name as being that claim?
> >I admit that they state that every IP in a listed netblock is a spammer,
given
> >infinite time (if not previously or currently observed to be).
>
> Where do they state that? Give the exact URL on their site.
>
> Or are you making up statements and claiming SPEWS makes them, again?
>
> > However, there
> >is no way they can ever prove that.
>
> Since they never said it, who cares?
>
> >> > It is their position to list the entire IP space of a provider on
> >> >the grounds that if a particular subspace of the provider's addresses
> >> >hasn't spammed and isn't spamming, it WILL be spamming in the [near]
> >> >future.
> >> Can you list some providers whose entire IP space was listed? They
> >> don't list all of SBC or MCI, for instance (to list two of the most
> >> spammy networks around).
> >Their very policy is proof enough.
>
> You claim something is their position. When I point out two major
> countexamples and ask you for some examples of your claim, you change
> "position" to "policy" and attempt to use your own statement as
> "proof". You lose, again.
>
> >> > That classifies the ENTIRE address space as a spam source.
> >> Where do they say that? Oh, right, they don't, you invented it from
> >> the phrase "Early Warning".
> >Their FAQ says that too.
>
> Where?
>
> > Failure to terminate a spammer means that they expand
> >their listing until ALL of the provider's netblocks are listed.
>
> That's right. But that doesn't say that all the provider's netblocks
> are spam sources, just that they will be listed.
>
> >> > That is SPEWS' sole reason for existence.
> >> What is? Listing the entire network space (which they seldom do) of
> >> spammy providers? Where do they say so? Or is that another invention
> >> of yours, perhaps based on their name?
>
> Can't answer, huh?
>
> >> >What is their proof that these additional address blocks that haven't or
aren't
> >> >spamming will ever spam?
> >That's my point:
>
> Talking to yourself again?
>
> > SPEWS CAN'T prove it, yet their design assumption is that
> >these blocks will, so they list them.
>
> They don't make that assumption, you invented it.
>
> > SPEWS mistakenly believes that the
> >maximization of the collateral damage they cause (by use of their list by
> >others) by intentionally expanding their listings beyond just the spammers
will
> >have an effect. It doesn't
>
> Except when it does, as we've seen in this very newsgroup.
>
> > - and we know it by the fact of any listing of an
> >entire netblock that has been in place longer than a year.
>
> That only proves that it doesn't _always_ have an effect _in under a
> year_. Sometimes it takes several years. Sometimes it might never
> work. But sometimes it does work.
>
> >> Where is the claim that they will ever spam?
>
> Well? Where is it?
>
> >> > There is no such proof - thus the defamation
> >> There is no such claim, hence no defamation.
> >Read their premise. That's the claim. Third paragraph of their home page:
> >"SPEWS identifies known spammers ..., sometimes even before they start
> >spamming."
>
> If they've spammed before, and now have a new netblock, they're still
> spammers, even if they haven't started spamming from their new
> netblock yet.
>
> Is that too complicated for you to understand?
>
> >> > of the character of the ISP's other customers by calling them
> >> >spammers has occurred.
> >> You're the one calling them spammers, SPEWS doesn't. SPEWS calls them
> >> customers of a provider that willingly provides services to spammers.
> >> That doesn't imply that all of the provider's customers are spammers.
> >The purpose of the list and its use does imply such,
>
> No, it doesn't.
>
> > and you know it.
>
> Forgetting to put on your aluminum foil cap doesn't enable you to read
> other people's minds.
>
> > The list
> >is [primarily] used to block spam sources - and thus any source listed
therein
> >is PRESUMED to be a spam source by the user of the list,
>
> The fact that a user makes a presumption is relevant to what, precisely?
>
> >> Qwest provides phone service to murderers. That doesn't say anything
> >> about _all_ of Qwest's customers, now does it?
> >...But you don't assume that because someone is one of Qwest's customers that
> >they are a murderer.
>
> That's right.
>
> > With SPEWS, people DO assume that any IP address listed
> >IS a spam source.
>
> So those people are wrong. Lots of people are wrong. Starting with
> you.
>
> >> >> >> > Had they made that distinction, they might(*) have gained
> >> >> >> >some respect and legitimacy.
> >> >> >> >(*) - A very small probability, like 1:10^64.
> >> >> >> So why would it be worth doing since it would have essentially no
> >> >> >> effect?
> >> >> >How do you know?
> >> >> You're the one who claimed 1e-64. I know that that's a very small
> >> >> number because I can do arithmetic.
> >> >So, are you confirming that the chance that SPEWS could ever be respectful
or
> >> >legitimate is so remote as to be negligible?
> >> No. I'm pointing out that your own argument lacks consistency with
> >> your earlier statements.
> >Apparently, you're too stupid to undertstand sarcasm when it stares you in
the
> >face.
>
> You're too stupid to use it properly.
>
> > SPEWS will never have any respect because of all the non-spammers they
> >list.
>
> Was that supposed to be an example of sarcasm? SPEWS already has lots
> of respect (if the identity of its admins ever became known, they
> wouldn't be able to buy themselves a drink for the next century).
>
> > Their practice has been in place too long for any change to have an
> >effect. They lost their credibility - due to listing the non-spammers
without
> >distinction.
>
> They apparently have as much credibility as they want.
>
> >> >> Then those people are using the wrong tool. There are people who
> >> >> decide to use a sledgehammer to JUST crush a mosquito and NOT destroy
> >> >> the wall it's sitting on; they aren't likely to succeed, either. But
> >> >> the fault is that of the person who chose the wrong tool, not the
> >> >> tool.
> >> >No kidding. However, there are people who are.
> >> So what?
> >That use harms parties other than the spammers themselves.
>
> Yes, it also harms parties who help finance networks that allow
> spammers. Harming such parties doesn't bother me.
>
> > Shifting one's spam burden onto a third party is never justified.
>
> That's C/R, which I don't do (and as far as I know SPEWS doesn't
> either).
>
> >> > They simply see SPEWS among the lists of available DNSBLs (where
> >> >the others list only spammers, or only open relays, etc.) and ASSUME
> >> >that SPEWS is another spammer list.
> >> What about the lists (like blackholes.us) that list all IP addresses
> >> in various countries, or all owned by specific companies, etc.? Or
> >> what about the lists like nofalsenegatives.stopspam.samspade.org?
> >They're almost as bad.
>
> Why is it bad to tell true statements?
>
> > The only difference is that one KNOWS what one is
> >blocking when using the country-based lists.
>
> What about nofalsenegatives.stopspam.samspade.org?
>
> >> >> > SPEWS claims that ALL of the IP addresses listed are spam sources
> >> >> Where do they claim that? Which number answer in their FAQ?
> >> >Their PURPOSE statement
> >> Where is that statement? I didn't see it on their website.
> >It's on their home page. I quoted it above (in this reply).
>
> The word "PURPOSE" does not appear on the SPEWS home page.
>
> >> > - and the definition of their name says that.
> >> Oh, you mean _your_ definition of their name.
> >Sorry. I did not create SPEWS, nor its acronym. Their definition is stated.
>
> No, the words in the acronym's expansion are stated. The meaning you
> choose to accord them is your own interpretation.
>
> >> >> >- and justifies the listing of those IPs that haven't actually spammed
> >> >> Congratulations! You have just won the Boursey award for
> >> >> self-contradiction.
> >> >Exactly
> >> Congratulations again. You're the first winner ever to _accept_ the
> >> Boursey award.
> >Apparently, you're too stupid to understand a proof by contradiction.
>
> You don't prove anything by contradicting yourself.
>
> > It's
> >used in mathematics and logic all the time to prove an assumption false. I
> >used it here to prove SPEWS' assumptions (in their design philosophy) as
false
> >and fatally flawed.
>
> You make false assumptions, and show that they contradict actual
> statements, and then claim that proves someone else wrong? Logic
> doesn't work that way.
>
> >> > - the contradiction is the proof of the problem. The assumption was
> >> >that ALL the addresses in the ISP's range will spam if they haven't
> >> >already: A conclusion that they cannot prove.
> >> Why should they prove a conclusion that you made up?
> >I didn't make it up. They stated that all IP addresses listed, if not
already
> >spamming or having been used by spammers, will spam.
>
> No, they didn't.
>
> >> >> > by saying that they WILL (cf. "Early Warning" from its name).
> >> >> Or at least that they might, or are more likely to than
> >> >> randomly-chosen other IP addresses.
> >> >"Early warning" requires that the condition that is tested for be true -
and
> >> >not a false positive.
> >> So you claim. They don't.
> >False positives, by definition, do not comprise a successful "early warning"
> >system.
>
> But they can be inherent in one. An early warning system against
> burglary might be something that detects when somebody walks onto my
> lawn. It will have many false positives, and will also serve as an
> early warning system.
>
> > You've just proven my point once again.
> ^dis
>
> >Legitimate mail can come from ANY spam source.
>
> So what?
>
> > SPEWS claims that these are
> >spam sources, past, present, or FUTURE,
>
> No, it doesn't.
>
> > and on those grounds (including the FUTURE), it deserves to be blocked.
>
> Where does it say "deserves"?
>
> >I'd still like to know HOW one determines that a given IP address IS a spam
> >source before it's ever been used to send spam. SPEWS makes that claim.
>
> Where? Oh, right, your own invention again.
>
> >By saying that the listing WILL be used by spammers, they do make the claim.
>
> SPEWS doesn't say that, you do. Does that mean you're claiming to be SPEWS?
>
> >> "SPEWS is a list of areas on the Internet which several system
> >> administrators, ISP postmasters, and other service providers have
> >> assembled and use to deny email and in some cases, all network traffic
> >> from." That's the first paragraph on the front page of their website.
> >
> >...And just how are these groups of people supposed to contribute their
input?
>
> You mean the ones who are SPEWS? Presumably, they know how to reach
> each other.
>
> >SPEWS CANNOT BE REACHED
>
> by the general public.
>
> >> >> Where do you get the idea that their evidence files provide all the
> >> >> evidence they have? It's easy to show that they don't.
> >> >So, you're confirming that SPEWS is hiding something?
> >> SPEWS lists spammers based on spam received at their spamtrap
> >> addresses. They don't publish those spamtrap addresses; why should
> >> they? Do you post everything you know, or are you hiding something?
> >SPEWS issue #3: If a particular spammer hasn't hit their spamtraps in a
while,
> >how does SPEWS KNOW that the spammer isn't spamming other people anymore so
> >that they can remove them from its listing?
>
> Since the spammer doesn't know where the spamtraps are, it's a good
> guess that if it stops hitting them, and doesn't get reported to
> nanas, then it stopped spamming.
>
> > [This only proves that SPEWS never
> >delists - because there is no way to initiate a delisting.]
>
> Observations of the SPEWS website and actual list shows that SPEWS
> _does_ delist, so your proof has just been smashed by reality.
>
> >> Recall notices are not sent via email, are they? There are good
> >> reasons for that.
> >20 years ago, no. However, the world has changed.
>
> They still aren't.
>
> >> >> >> Only a spammer invents implied consent for the provider of a website
> >> >> >> to send email to anybody who reads anything on the website.
> >> >> >The law does also.
> >> >> That's a law written, bought, and paid for by spammers, right?
> >> >Wrong. It existed before the use of the term "spam" was coined to
describe
> >> >junk electronic mail.
> >> There was a law about providers of websites that early? Which law?
> >I never said that it was written with the Internet in mind.
>
> Which law was it?
>
> > We already know
> >that you can't think, so there's no point in explaining it to you.
>
> That's your way of admitting you just lost the argument.
>
> >> >Your proof that it can't contact its resource's users is: _________
> >> Since SPEWS does not have permission, it would be sending Unsolicited
> >> Bulk Email. That's spamming. I've told you that before. Why can't
> >> you understand it?
> >It's not unsolicited - implied consent cancels that quality.
>
> Spammers invent "implied consent". I've read SPEWS website. That
> doesn't give them my consent to send me email.
>
> >> Oh, and furthermore, SPEWS doesn't even _have_ a list of the email
> >> addresses of its users. That makes notifying them by email even more
> >> difficult.
> >That has already been addressed. I told you how they could identify their
> >users - at least by the IP address used.
>
> Which proves nothing. The IP addresses could be proxies. Data can be
> (and is) further redistributed.
>
> > They would simply mail to the
> >postmaster mailbox (since that would obviously go to the mail admin at every
> >site) pertaining to each domain that the DNS server (for the DNSBL versions
of
> >their list) belongs to. [That was clearly too difficult for you to figure
out.
> >Maybe you need to go back to kindergarten and re-learn how to think.]
>
> Maybe you need to learn that IP addresses don't have postmaster
> mailboxes.
>
> >> >> >> Yeah, if you can get Internet access you can get to other email
> >> >> >> providers no matter where you are. That doesn't help your argument
> >> >> >> any.
> >> >> >Written by someone who lacks the understanding of "hosting" services.
> >> >> I understand just how easy it is to set up a colo box.
> >> >Apparently not. I'm not talking about a SINGLE box. Try 20-50 at a time.
> >> You need 20-50 boxes to send email? How much email are you sending?
> >I never said that all those boxes are email servers. Obviously, you don't
> >understand what colocation means.
>
> If they aren't sending email, why should anyone care if their IP
> addresses are listed by SPEWS?
>
> >And you're too stupid to understand.
>
> Still trumpeting your own stupidity, I see.
>
> > When one PROVIDES hosting services,
> >there's a business economy of scale to have those services located in one (or
a
> >very few places).
>
> When someone competent provides hosting services, he does due
> diligence first. Someone incompetent deserves to just go out of
> business, so his difficulties are irrelevant.
>
> >> Precisely my point. My server is co-located, and can be anywhere in
> >> the world. I don't care who blocks my local connection provider; my
> >> server doesn't, because it's MY SERVER. And since I did due diligence
> >> before choosing a colo provider, its IP address isn't listed in any
> >> blocklist (other than for being in the US, etc.)
> >
> >That's an oversight that shall be corrected soon. Maybe I'll set up the
moron
> >RBL, and you'll be the first listing.
>
> Go ahead. Of course, first you have to find my colo box.
>
> And then, nobody I care about is going to use the moron's RBL, so it
> matters even less.
>
> >Why you insist on talking about a single, colocated box, when I'm talking
about
> >rackfuls of boxes only shows how clueless you are. When one is a HOSTING
> >PROVIDER, one needs to have PHYSICAL access (for maintenance purposes) to the
> >boxes - and therefore they CAN'T be anywhere in the world.
>
> When one is a hosting provider and too stupid to do due diligence in
> one's choice of a provider, one deserves to go out of business. End
> of problem.
>
> >> >> So you only have to move one of them.
> >> >You seemed to miss another point that is very subtile in the use of SPEWS:
> >> >There are some who use the list to block access to WEBSITES and other
services
> >> >hosted at any listed IP address. Moving just the mail server may not be
> >> >sufficient.
> >> So you web browse from the servers? OK, relocate two or three of
> >> them: one mailserver, one or two proxies.
> >Wrong. The list is used to block requests TO the servers (usually at the
> >firewall level).
>
> Really? By whom? But you can still get by with a couple of proxies,
> just inbound instead of outbound. (Of course, your bandwidth costs
> will increase, but see above about due diligence, competence, and
> expected business lifetime.)
>
> >> >> Me, personally? I'd have them all at one facility; but then, I'd have
> >> >> done my due diligence (you have heard that term before, haven't you?)
> >> >> before choosing that facility, so I wouldn't be blocked due to
> >> >> choosing a spam-friendly hosting facility.
> >> >...And prove to me that you know of EVERY list and EVERY DNSBL that exists
on
> >> >the Internet for you to demonstrate that due dilligence was done....
> >> Of course I don't. But I do know how to find the ones that are
> >> important to me.
> >So, just how do you expect to have ANYONE meet the standard of due dilligence
> >you defined?
>
> I just did.
>
> > You've just stated that even you can't demonstrate it for your
> >own choice(s).
>
> Wrong. I did it. Others have done, and will do it. It isn't hard,
> except apparently for you.
>
> >> >The reality is that you can only check those lists you know to exist.
> >> Well, no. There are several websites that automatically check lots of
> >> lists. Some of them check lists I'd never heard of before.
> >...For you to use one of those, you KNOW the site with the meta-check exists.
> >However, you still don't know (and can never tell) that you have reached
every
> >RBL in existence.
>
> I don't care about reaching every RBL in existence.
>
> >Furthermore, based on that, if you had never previously heard of SPEWS, would
> >you simply think that it's another RBL listing [just] spammers?
>
> No, I wouldn't know what it was, if I never heard of it.
>
> > Short of visiting their web site (assuming a link or URL were made
> >available), of course you would NOT!
>
> So much for your arguments about defamation.
>
> >> But there's a simpler method: if google never heard of it, it's
> >> unlikely to have enough users for me to care about.
> >Wrong. Google doesn't claim to have spanned the entire Internet (or even 50%
> >of it). There's still alot missing from their indices.
>
> Find a DNSRBL that google doesn't know about, which has enough
> mailboxes behind it for me to care about. You can't? That
> demonstrates my point.
>
> >> >> >Wrong. It was precisely the case in my locality in 2002, just after a
few
> >> >> >hosting facilities went bankrupt after the 2001 stock-market bubble
burst.
> >> >> So use a hosting facility that isn't so local. You can reach it via
> >> >> the Internet. You have heard of the Internet, haven't you?
> >> >Not possible when one maintains one's OWN equipment.
> >> Then you have to make some hard decisions. Life is like that. You're
> >> the one who chose to live where you do; if some services aren't easily
> >> available in your location, whose problem do you expect that is?
> >Right - and I've made the hard decisions. However, the decision reality and
> >what SPEWS ASSUMES is true are opposites. SPEWS assumes that a person can
> >always find a non-SPEWS-listed provider.
>
> Or put pressure on a SPEWS-listed one.
>
> >> > Anyone who uses SPEWS to block mail from a source listed therein
> >> >which is not the actual spam-source that initiated the listing is
> >> >defaming the non-spamming source by calling them a spammer when they
> >> >aren't.
> >> You can't prove that claim. Someone can use SPEWS to block mail, and
> >> all they are saying is "The emitting IP address is listed in SPEWS."
> >> That doesn't imply that the sender is a spammer. Further, someone
> >> using SPEWS to block email is sending the message (part of the 550)
> >> only to the sender. It is not actionable for me to call you anything
> >> if the only person who hears me is you; in order for any sort of
> >> defamation to be actionable, it must be communicated to a third party.
> >I don't have to prove that claim. SPEWS itself made the claim.
>
> No, they didn't. You invented it.
>
> > They have the burden of proof on the issue.
>
> Only when a court says so. Got a ruling? I thought not.
>
> > SPEWS says that all the IPs they list have been,
> >are, or WILL BE spam sources.
>
> No, they don't.
>
> Seth

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 16.06.2005 06:14:53 von Nobody

Moris wrote:
> "D. Stussy" wrote in message
> news:Pine.LNX.4.62.0506150717240.71@kd6lvw.ampr.org...
>
>
>
> D. Stussy: Can you please contact me at my yahoo e-mail address, if
> you can? Thanks.
>
> [You are doing a stellar job in taking on whatever is left of the
> spews fanatics.]
>

GAWD !! It's a mating ritual .

Re: XXXXXXX

am 16.06.2005 08:44:08 von Adam

In article <_wJre.4271$hK3.3895@newsread3.news.pas.earthlink.net>
Alan Connor wrote:

>There are now over 200 people (that I know of) using my
>little Challenge-Response-System. (None of them, including
>me, now include the name of the program or its URL in the C/Rs
>themselves. People who are interested just ask the person
>they received it from. And ALL of the people use differently-
>formatted C/Rs :-)
>

Over 200 people?
That many idiots out there?

>Earthlink, one of the world's largest ISPs offers them
>as a part of their standard spam-fighting package, as do
>many lesser ISPs.
>

It is not your system.
Earthlink developed it's own when you were still having milk as your
only allowed food.

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 16.06.2005 20:38:07 von Robert Briggs

[Seth Breidbart wrote an extended response to D. Stussy]

Seth, ISTM that you are giving Stussy an undeservedly large
amount of your attention.

I mean, arguing the toss with you about the definition of
spam seems at least a tad perverse. :-)

Re: XXXXXXX

am 18.06.2005 04:48:21 von sethb

In article <_wJre.4271$hK3.3895@newsread3.news.pas.earthlink.net>,
Alan Connor wrote:
>
>
>Hi Seth,

Oh, look, the C/R spammer attempts to hijack another thread.

>There are now over 200 people (that I know of) using my
>little Challenge-Response-System.

How many of them are afraid to post to Usenet with their real email
addresses the way you are?

> (None of them, including
>me, now include the name of the program or its URL in the C/Rs
>themselves. People who are interested just ask the person
>they received it from. And ALL of the people use differently-
>formatted C/Rs :-)

Thereby making their spam harder to detect.

>Earthlink, one of the world's largest ISPs offers them
>as a part of their standard spam-fighting package, as do
>many lesser ISPs.

Is that why Earthlink told you to stop using yours?

>No, I'm not reading any replies to this.

See? The spammer just attempts to hijack threads, and knows that he
can't win arguments so he pretends not to listen.

>You all are boring and obnoxious and don't even know what the
>word "honesty: means.

Why can't you answer any questions? Start with those in the Alan
Connor faq.

>If you don't like Challenge-Response-Systems, then eat
>shit.

Or get the idiots who use them kicked off mailing lists. Just
yesterday, one idiot was kicked off spamtools for using a C/R system
on the list.

>Oh! And stay out of my mailboxes.

Whine, whine, whine.

>That's an order,

Whine, whine, whine.

> not a request, and my little program
>will enforce it without even telling me about it.

Whine, whine, whine.

Seth

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 18.06.2005 04:53:13 von sethb

In article ,
D. Stussy wrote:
>On Tue, 14 Jun 2005, Seth Breidbart wrote:

>> Listing 0/0 would maximize interference with legitimate mail. SPEWS
>> doesn't do that. Therefore, you're wrong (again).
>
>Sorry. That's exactly what SPEWS does:

SPEWS doesn't list 0/0.

> It maximizes collateral damage within
>the networks it lists

It doesn't list all of MCI, just some of it. Why do you keep lying
about things that anybody could easily check?

> instead of minimizing it - on the FLAWED assumption that
>the collaterally damanged non-spammers will cause their ISP to terminate the
>spammers (or even have the power to do so, "checkbook" or otherwise).

Sometimes that works. Other times the non-spammers leave.

Have you seen the price of Savvis stock lately?

> The only
>way to guarentee 100% spam elimination is to provide for 100% email
>elimination.

So who is claiming 100% spam elimination?

> Interference with legitimate mail is precisely what SPEWS is
>about, by design.

Keep whining and inventing what you claim others are doing.

>> No, it's determined by CONSENT, not CONTENT.
>
>Wrong.

Keep inventing new meanings for words, too.

> If some distant relative that you never gave your mailbox address
>to sent you a mail "out of the blue," I seriously doubt that you would call it
>spam even though you never had given him consent. You would know by content
>that it wasn't.

Depends on what he was trying to sell me. When he claimed that
another relative had died leaving umpteen million dollars he'd share
with me if I helped him bring it into the US I decided he was
spamming.

> I'm glad I'm not your relative.

Not half as glad as I am.

>> Non-spammers aren't necessarily innocent. Non-spammers who provide
>> financial support to spam-friendly networks are specifically not
>> innocent.
>
>SPEWS-droid talk.

Is that your way of admitting you can't refute the argument?

>If they aren't spammers, they ARE innocent

So the people who host websites for spammers are innocent, in your
view?

> - unless you can prove that they
>KNEW that their provider was spammer-friendly WHEN they signed the
>contract.

So long as they continue to patronize it once they learn it's
spammer-friendly, they then become spammer-friendly-supporters, which
is not an innocent state.

Seth

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 18.06.2005 05:00:42 von sethb

In article ,
D. Stussy wrote:
>On Sat, 4 Jun 2005, V wrote:
>> "Mark" wrote in message
>> news:42a1074f$0$1687$ed2e19e4@ptn-nntp-reader04.plus.net...
>> > "Seth Breidbart" decided to chill out:

>In the absence of such proof, it is reasonable to assume that the entire range
>MAY be a source.

Given that huge amounts of spam emanate from part of the range, and
that the provider is spammer-friendly (and hence might move the
spammer to another part of the range if the IP he's on now gets
blocked), and the other IP addresses in the range merely MAY emit a
legitimate email every other century or so, I'd say that blocking the
entire range makes sense.

>> >> >Since those parties use SPEWS' resources, it won't be spam.
>> >> Unsolicited, check. Bulk, check. Email, check. Yes, it's spam.
>> > No, it is not.
>> > Let me give you a quick lesson on what is spam and what
>> > is not,

Yeah, right.

>> > from the recipient's p.o.v.

Spam is not a "point of view" issue. "Pretty" is a p.o.v. issue.
"Desired" is a p.o.v. issue. "MIME" is not a p.o.v. issue.
Understand? Things that are point of view issues are subjective.
Things that are objective are not point of view issues.

>> > When the intended recipient of an
>> > email both recognizes the sender and has no qualms in receiving a
>> > message from that sender (either because he gave the sender prior
>> > consent or by being associated to the sender in some manner, e.g. the
>> > local retirement club which he visits twice a week) that email is
>> > _not_ spam. Anything else is spam.

So the message from a distant relative you hadn't met before now _is_
spam according to your definition? Or can everybody who ever attended
the same school as you or lived in the same city or was otherwise
weakly associated with you attempt to sell you herbal viagra, and it
isn't spam?

>Implied consent is a legal term that predates electronic mail. Therefore,
>spammers could not have invented it.

Implied consent to receive email did not exist prior to electronic
mail. Only spammers claim that such a concept is meaningful;
everybody else insists on actual consent.

>> > If an email blacklist or filter prevents a non-spam email reaching its
>> > intended recipient, that email becomes a false-positive.
>> To the intended recipient and the sender: yes. To SPEWS: no (although I
>> cannot speak for SPEWS, since I have nothing to do with SPEWS).
>Then why are you defending them?

Because they're right.

Seth

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 18.06.2005 05:03:13 von sethb

In article <42B1C70F.37BB22DE@BITphysics.orgBUCKET>,
Robert Briggs wrote:
>[Seth Breidbart wrote an extended response to D. Stussy]
>
>Seth, ISTM that you are giving Stussy an undeservedly large
>amount of your attention.
>
>I mean, arguing the toss with you about the definition of
>spam seems at least a tad perverse. :-)

I know; I'm just wondering how long it will take him to catch on.

Seth

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 19.06.2005 23:09:22 von unknown

Post removed (X-No-Archive: yes)

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 19.06.2005 23:12:23 von unknown

Post removed (X-No-Archive: yes)

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 19.06.2005 23:19:34 von unknown

Post removed (X-No-Archive: yes)

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 20.06.2005 01:53:21 von IANAL_VISTA

"D. Stussy" wrote in
news:Pine.LNX.4.62.0506191953550.104@kd6lvw.ampr.org:
[...snipped...]
>
> It has failed at the purpose of stopping spam at its source - the
> ultimate goal of any anti-spam device.

Which available anti-spam device actually does stop spam at its source?

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 20.06.2005 11:50:43 von bonomi

In article ,
D. Stussy wrote:
>On Wed, 15 Jun 2005, Robert Bonomi wrote:
>> In article ,
>> D. Stussy wrote:
>> >On Mon, 13 Jun 2005, Robert Bonomi wrote:
>> >> b) 'Listed' does *NOT* mean 'spammer'. "listed" means
>"address-space we (the
>> >> SPARTICUS group) do not accept mail from". Nothing more. Spelled out
>> >> very succinctly in the FAQ - Q&A 1.
>> >
>> >Read on: When they say that any netblock listed has "few to no legitimate
>> >senders," they are in fact calling everyone in that block a spammer.
>>
>> Yet another Stussey Lie(TM).
>>
>> Provable _just_ by the 2 lines above. If a block with 'a few' legitimate
>> senders _is_ listable, then it is clear that _not_ 'everyone' in that block
>> is being called a spammer.
>>
>> >Wrong. I simply recognize that "early warning" systems also have to minimize
>> >false positives
>>
>> An assumption *not* supported by facts -- as regards any existant real-world
>> early warning system.
>>
>> Case in point: Do you have any idea how many alerts have been generated by
>> the North American "Distant Early Warning" system? Of that _large_ number,
>> do you have any idea how many have been 'false positives' of an act of war?
>
>I may not be aware of EVERY case, but there was a time when I was in the loop.

OK, *HOW*MANY* "non false positives" were there in that time? Either absolute
numbers, or as a percentage of total alerts? They did an AMAZINGLY POOR JOB
of "minimizing" false positives didn't they?

>I'm not saying that false positives have to be eliminated - but that they do
>have to be minimized. SPEWS doesn't strive to minimize them.

Unless you are SPEWS, you have no idea what they do or do not do, in regard
to minimization. There is always a trade-off between the number of false-
positive alerts and the 'lead time' of the warning in the case of an actual
event. If you minimize one, you _unavoidably_ minimize the other. You may
not 'like' where *they* have chosen to balance that trade-off, but it is
*their* prerogative to draw that line where they choose. You have no right
nor authority, to dictate where that line 'must' be drawn'.

You can 'disagree' with where they choose to draw the line, but there is
*NOTHING* that makes _your_opinion_ any more or less 'right' than their
opinion about the matter. They chose 'more warning', you would choose
'fewer false positives'. Neither position is more 'right' than the other
one.

>> > while SPEWS MAXIMIZES false positives. We all know
>that 100%
>> >blocking of ALL mail is the only way to guarentee 100% blocking of all spam.
>> >As has been said before, SPEWS should just list 0.0.0.0/0 and be done
>with it -
>> >because, as implemented, it fails its goals.
>>
>> Yet another Stussey Lie(TM).
>>
>> What SPEWS actually fails to meet _Stussey's_ interpretation of SPEWS' goals.
>>
>> Of course, a 'database' doesn't _have_ goals, it just _exists_, so one must
>> assume that Stussey means 'the people who established SPEWS'.
>
>That much was intrinsically clear - SPEWS is an ORGANIZATION that produces a
>database; not the list itself.

Yet another "Stussey Demonstration of Illiteracy"(tm)
Quote: " Q1: What is SPEWS?
A1: SPEWS is a list of areas on the Internet that several system
administrators, ISP postmasters, and other service providers have
assembled and use to deny email and in some cases, other network
traffic, from.
Quote: "The bouncer is our email/packet filtering software, the list it uses
is called SPEWS."

>> *THEIR* 'goal', is, however clearly stated in A1 in the FAQ -- to protect
>> the systems *they* run. If it failed at -that- purpose, they would obviously
>> quit using it. and quit supporting it. Ergo it *is* fulfilling _their_
>> needs, and meating *their* design goals.
>
>It has failed at the purpose of stopping spam at its source - the ultimate
>goal of any anti-spam device.

Yet another "Stussey Demonstration of Illiteracy"(tm)
From the FAQ:
Q3: Why not let Internet Service Provider (ISPs) and the large data
network companies handle the spam problem?
A3: We'd love to, but given the history of the ineffectiveness of some
ISPs and networks due to lack of interest, lack of funds, and no lack
of uneducated security/abuse people, the only way one can attempt to
fully stop spam is at the recipient end rather than the point of
origin.

By Mr. Stussey's criteria of "the ultimate goal of any anti-spam device",
*every* anti-spam device is a failure. Thus, they *all* must be abandoned.
Even JHD is a failure by that criteria -- he insists it, too, must be abandoned.

>> And Mr Stussey's claim to the contrary is pure fiction.
>
>Wrong. My claim is based on their self-contradictions.

Contradictions that exist only in *your* mis-interpretations of what the
FAQ and web-site actually say. Fallacious arguments based on things like
ignoring expressly stated 'qualifying conditions', "post hoc, ergo propter hoc"
reasoning, inability to comprehend that "a->b" does *NOT* imply that "!a->!b",
among others.

>> >> >What they say is that they don't like the time lag between a spammer
>> >> >starting a spam run and the time it takes to list the spammer in a
>database
>> >> >- so they will list these spammers [sometimes even] BEFORE they spam
>> >> >(paraphrase of the third paragraph from SPEWS' home page).
>Therefore, what
>> >> >SPEWS lists are spammers and spam operations. One doesn't even find out
>> >> >that "spam operations" means the spammers' providers until one carefully
>> >> >reads the FAQ at Q&A 5 - and that's not even clear as it says that the
>> >> >netblocks were set up by known spammers - that is, an ENTIRE
>netblock listed
>> >> >is a spam source, even if it hasn't spammed yet. The FAQ doesn't actually
>> >> >say that the provider (ISP) hosting a [non-terminated] spammer is a "spam
>> >> >operation" until FAQ Q&A 6. This is counterintuitive to the common
>> >> >definition of what most people consider a spammer. FAQ Q&A 21
>states that a
>> >> >"level 1 listing" is of netblocks that have "few or no legitimate
>> >> >customers." That's effectively calling EVERY address in those netblocks
>> >> >spammers.
>> >>
>> >> You lie. You admit the information _IS_THERE_. Not as clearly as
>you desire;
>> >> Not as prominently as you desire, perhaps, buy you did admit that it *is*
>> >> there.
>> >
>> >That's not a lie.
>>
>> You admit the information is there. Yet your claim that it is *not* there
>> is "not a lie". Riiiiiiiiight! *snort*
>>
>> >> You can't even *quote* published data without maliciously distorting it.
>> >>
>> >> The SPEWS FAQ "Q&A 21" does *NOT* say that listed blocks "have" (your word)
>> >> few or no legitimate customers, but blocks where few or no such customers
>> >> have been DETECTED. Whether or not you choose to admit it, there is a
>> >> significant difference between those two words.
>> >>
>> >> If you read the FAQ Q&A1, it should be obvious that the SPARTICUS group has
>> >> access to fairly extensive "means" for 'detecting' legitimate e-mail
>> >> senders in any particular address-space.
>> >
>> >Utter BS. There's no way that they can detect ANY such mail from any
>of these
>> >legitimate users in the absence of being the recipient of the mail or having
>> >the mail pass through their own equipment (packet sniffing included).
>>
>> Lessee, it is "utter BS" several 'system administrators, ISP postmasters,
>> and other service providers' might have large volumes of mail that "pass
>> through their equipment", to detect legitimate mail-senders with
>>
>> Riiiiiiiiiiight!
>
>Then - YOU EXPLAIN HOW "they" DETECT legitimate mail, since they claim that
>they can (in order to claim that they haven't)?

Repeating for the illiterate (who can't see material 16 lines above here):

"If you read the FAQ Q&A1, it should be obvious that the SPARTICUS group has
access to fairly extensive "means" for 'detecting' legitimate e-mail senders
in any particular address-space."

Those 'means', in case it isn't clear, are logs from mail-servers that handle
large volumes of incoming email for other people.

>> >is is just another SPEWS-fallacy so that they can justify calling everyone in
>> >the netblock spammers because they "didn't know they were there."
>>
>> Yet another Stussie Lie(TM).
>>
>> >> The people/addresses that _do_not_ send e-mail directly from that address-
>> >> space are *not* part of the equation. Even by _your_ standards SPEWS never
>> >> 'defames' any of _those_ people, because *NOBODY*EVER*ASKS* for an opinion
>> >> about those addresses. Since no opinion is ever offered, _regardless_ of
>> >> whether an expressed opinion _might_ be considered defamatory, The absence
>> >> of the expression of that opinion means that no *possible* defamation
>> >occurred.
>> >
>> >See above.
>> >
>> >> >BTW, since legitimate senders don't spam, and SPEWS claims that they
>> >can detect
>> >> >legitimate senders (a necessary implication of FAQ Q&A 21), just
>HOW do they
>> >> >detect these legitimate senders if none of them ever sends any e-mail
>> >to anyone
>> >> >affiliated with SPEWS?
>> >>
>> >> Do you know what the word 'detect' means? And what that requires,
>above and
>> >> beyond that it 'exist'?
>> >>
>> >> Do you understand the difference between "not detected", and "not
>existent"?
>> >
>> >Do you understand the meaning of the word "assumption?"
>> >
>> >> Do you suppose it possible that an ISP postmaster might have an
>arcane object
>> >> known as a "log", that records addresses of the systems that send mail to
>> >> his customers?
>> >
>> >Do you suppose that there may be mail servers in the world that have
>never sent
>> >mail to a given host and therefore won't appear in those logs?
>>
>> Of course there may be such. And BFD applies. "perfection" is _not_ an
>> operational necessity.
>> > That does not
>> >make them spammers, yet SPEWS ASSUMES they would be because these hosts would
>> >not be among the "few legitimate senders detected."
>>
>> Yet another Stussey Lie(TM).
>
>
>Not a lie - a conclusion: "... even before they start spamming." That means
>that SPEWS intentionally lists current non-spamming addresses on the grounds
>that they are FUTURE SPAMMERS - and without distinction from the CURRENT ones.

Yet another Stussey Lie(TM)
In the form of a deliberate 'out-of-context' quote with the "qualifying
conditions" removed.

The _accurate_ statement is
"SPEWS identifies known spammers and spam operations, listing them
right as they start, sometimes even before they start spamming."

Of course, Mr. Stussey would _never_ use the full sentence, because it shows
the fallacy of his 'manufactured' argument.

Listing a 'known spammer' is not a claim that they will become a 'FUTURE
SPAMMER'. "What they are, is already established. All that remains," as
Mr. Churchill would have said, "is to see when they will do it *again*."

>> >> And, _who says_ that nobody ever sends any email to anyone affiliated with
>> >> SPEWS? The FAQ Q&A1 makes it quite clear that 'at least some' of the
>> >> SPARTICUS group deal with incoming e-mail as a regular part of their daily
>> >> work.
>> >
>> >Are you saying that the "Sparticus group" runs SPEWS or knows who does?
>> >
>> >> Purely as a hypothetical, say that one of the SPARTICUS group was
>employed by
>> >> a _large_ mail-hosting operation -- "AOL" for instance, or "bluewin", or
>> >> "British Telecom", or maybe "outblaze", as a mail-admin, Do you suppose,
>> >> that in that scenario, they just _might_ have a d*mn good idea
>where most of
>> >> the active mail-servers in the entire _world_ are? Based simply on the
>> >> records of where 'legitimate' mail inbound to their system comes from?
>> >
>> >Knowing where the most active servers are
>>
>> Is it that you can't read, or do you *deliberately* mis-interpret, mis-quote
>> people?
>
>I read quite well. The SPEWS' pages aren't written well.

I was referring to the way you mangled what _I_ said. The way you 'transformed'
"most of the active mail-servers in the entire world' to meaning only "the
most active servers".

Given that you claim you _can_ read, then the mis-representation, mis-quotation,
and mis-interpretation you persist in engaging in *must* be deliberate.

That leaves only two possible explanations: malice, and stupidity.

>> *YOUR* ethics are clearly suspect --
>> You have no qualms about publicly defaming someone based on your own
>> unsupported-by-facts speculations.
>>
>> Yet you castigate SPEWS for committing what you consider to be similar
>> defamation. Obviously "do as I say, not as I do", applies.
>>
>> >> There is published record in NANAE showing messages captured from spammer
>> >> bulletin-boards/web-sites demonstrating _exactly_ that.
>> >
>> >I haven't detected that spammers were talking about me! Where have you seen
>> >this? I must have missed those posts.
>>
>> Lessee, the assertation was made:
>> 'spammers do flock to places where they are "not unwelcome", ...
>> Spammers spend lots of time telling each other where such
>> places are.'
>>
>> And you propose to rebut that with an assertation that spammers haven't
>> been talkig about _you_.
>
>I only followed what you said (including the part that is now omitted). The
>last "that" references back to me. Read what you wrote. Perhaps you meant
>something else, but that's not what you wrote.
>
>> Are you asserting that your operation is one that qualifies, in your mind
>> at least, as one where spammers are "not unwelcome"?
>
>No. I have no spammers using my server. My subnet, controlled by my friend
>as network administrator, does not allow spammers on his slice of the Internet.
>We have done our share in shutting down some spammers too. They are certainly
>not welcome, nor do we have any.
>
>> >> Many times over. over a period going back years. See the "DHS
>Club" history
>> >> and "bulkbarn" references, just to name a couple.
>> >
>> >Very interesting - as I didn't start reading NANAE until about 3
>years ago....
>>
>> Reports concerning the DHS club "sharing" of 'spammer-friendly provider'
>> contacts are probably within that range.
>
>A guess by you - another assumption.

Meaning I did not take the time to go research exact dates, yes.

The existence of multiple such reports _is_ a fact.

Your "ignorant" claim that one 'must' circulate in spammer circles to have
access to reports that were publicly made in *this* forum, and your willingness
to defame others _based_on_your_ignorance_ is now a matter of public record
as well.

> Excuse me for not reading 200+ posts/day
>every day for the past 3 years. Too much volume and SPEWS-droid bashing of
>others - with very little viable content.

Those who "know what they don't know" can be educated.
Those who "*don't* know what they don't know", and make public assertations
about how things "must be", based on what they "think they know (especially
when that happens not to be true)", demonstrate what kind of a fool they are.

>> Your lack of awareness/knowledge of history establishes what you "don't know".
>
>I never claimed to know everything.

Yet you assert things "cannot happen" except in ways you "know about".
And you are comfortable defaming people based on your lack of knowledge
regarding what is, in fact, published, and publicly available, data.

>> >So, you're saying that in the ABSENCE of a complaint, that ISP's regularly
>> >monitor the CONTENT of the traffic sent over their bandwidth???? Do you
>> >realize how much computing hardware must be used just to do that?
>Even with a
>> >single T3 line (45Mb/s+), adjacent TCP packets in a "connection" could have
>> >several thousands (or even hundreds of thousands) of other packets between
>> >them. I've never heard such a ludicrous claim before....
>>
>> Mr. Stussey again demonstrates that he "doesn't know what he doesn't know".
>>
>> Yes, many providers _do_ do many kinds of traffic analysis on _all_ the
>> packets that pass through their network.
>
>I am aware of that. However, their analysis does not usually extend to the
>DATA of that traffic as you claim it ALWAYS does.

Yet another Stussey Lie(TM).

> It is usually just a measure
>of how much (by size) is going where from which customer, when, and by what
>route.

NO, it is routinely a *LOT* more than that.
source/destination IP
protocol
source/dest port or packet type (for non 'port' protocols)
*plus* a whole lot more.

from the "industry standard software" description
"can perform protocol analysis, content searching/matching, and can be
used to detect a variety of attacks and probes, such as buffer
overflow, stealth port scans, CGI attacks, SMB probes, OS
fingerprinting attempts, and much more"

>> Yes, it takes some pretty big hardware. two sets of 'pretty big' hardware,
>> in fact. One for the 'raw data capture' and reduction, and the other one
>> do do the analysis.
>
>According to you, there is no data reduction - as that would eliminate the spam
>content monitoring ability.

Yet another Stussey Lie(TM)

The monitoring/analysis 'front-end' gear can be, and is, 'tuned' on the fly.

It reports basic 'line items' (from/to, when) to the back-end, which are
consolidated and examined for interesting trends. When an 'alert' for
"something interesting" happens, _modified_ directions are sent to the
appropriate front-end boxes to report on the 'selected' traffic, in more
detail -- up to and including capturing complete packet contents.

Simply monitoring packet volume by port and customer address is amazingly
effective at identifying the occasional source that needs "closer inspection".

Whether it is a e-mail spam run, a zombie participating in a DDOS, a 'command
and control' machine for a zombie network, a virus-dropper, the tooling can
track it.

> Remember that one-to-many emails are also
>indicative of valid mailing lists (those where the recipients have requested to
>be on).

When you see: MAIL FROM:<%RANDOMFIRSTNAME%.%RANDOMLASTNSME%@yahoo.co.uk>
(and I mean _exactly_ that -- where the parameter substitution _failed_)
coming from a machine in Beaumont,Texas, there is essentially a _zero_
possibility that it is a 'valid' mailing list.

>
>> Yes, they *do* deploy that kind of hardware for the tasks.
>
>Not on the manner that you described. I seriously doubt that they are scanning
>every SMTP transaction and filtering through spam detectors. I've been in
>several facilities - and what is monitored is traffic flow, not what's IN that
>traffic.

Again proving that "you don't know what you don't know".

No, they're not scanning _just_ SMTP transactions, nor are they running
_everything_ through "spammish content" detectors.

They are running tools that do a _lot_ more than just scan port 25 traffic.

If 'unusual' patterns of traffic to/from a given machine show up; then further
traffic of that type, to/from that machine gets flagged for more detailed
analysis. which may lead to more detailed data capture; up to and including
complete packet contents.

>> They even talk about it, to other network operations people. How much
>> hardware it takes, How to deploy it, with the least impact on network
>> performacne, How much data it generates, and reduction techniques for
>> extracting the 'useful' stuff.
>>
>> 'Spammer identification" is a several-step process:
>> 1) you monitor traffic _volume_ by address *and* port.
>> you see "excessive" port 25 traffic involving a particular address
>> 2) when those alarms go off, you enable 'deeper' analysis of
>> that traffic. e.g., capturing packet content for analysis of headers,
>> looking for 'virus' stigmata, etc.
>
>Where's step 3 and after? You said SEVERAL.

Yup. Several it is. Read step 2 _carefully_ -- you did say you knew how to
read. Step 2 is 'capturing' detail data. There is also mention of (multiple)
things that may be done with that 'captured' data. *THAT* is Step 3 and
beyond.

Details of what and how are not appropriate for a public forum, especially
not one where major spammers are known to be observing.

>> ...
>> >> What you claim is nothing more than your "interpretation" of what their
>> >> intentions are. Unless you _are_ SPEWS, you don't know what SPEWS'
>intentions
>> >> _really_ are.
>> >
>> >Then SPEWS should rewrite their FAQ and web pages to remove any ambiguity.
>>
>> Yes, it would be "nice" if they were to do so.
>> For reasons known best to them, they choose not to.
>
>So, you admit that their FAQ is ambiguous and/or deceptive,

I will only go as far as "might be so considered, *by*some*people*".
I would make *one* one-word change in the document.

> if not outright
>contradictory in places... yet fail to see that alternative VALID
>interpretations are not only possible but have been stated in this thread - and
>you dare call me a liar?

You bet I do. because you *are* a liar.

You claim that you have asserted a "valid" alternative interpretation is
"yet another Stussey Lie(TM)"

Your alternative interpretation relies on demonstrably fallacious arguments,
based on things like;
ignoring expressly stated 'qualifying conditions',
"post hoc, ergo propter hoc" reasoning,
and inability to comprehend that "a->b" does *NOT* imply that "!a->!b",
among others.

Calling such a hodge-podge of mis-constructed arguments "valid" is laughable.

>> >Everything I have about their intentions came from what they said.
>>
>> Everything you have said regarding their intentions is "one *possible*
>> interpretation" of their remarks. It is not the _only_ possible
>> interpretation of those remarks.
>
>That's not what you have said previously. You have said that I have outright
>lied - not that what I said was a valid, alternate interpretation.

Your interpretation is *not* "valid". It contains multiple logical errors,
ranging from 'post hoc, ergo propter hoc' reasoning, to asserting "!a->!b"
based on "a->b", to ignoring qualifying and limiting conditions that are
expressly stated, asserting "for *all* A i->j", from a statement that "for
some A in X, i->j"

ALL of those "reasoning" steps are FALSE TO FACT. The logical fallacies
have been repeatedly pointed out. Yet you continue to assert them _as_
_unchallenged_ fact. "Liar" is the appropriate description.

> Now, you
>admit that I DO IN FACT HAVE A VALID interpretation and conclusion.

Yet another Stussey Lie(TM)

A "possible" interpretation is not necessarily a "valid" one,
And, in the case of _your_ interpretation, it bears *no* resemblance to
logically valid reasoning.

>> GIVEN that multiple possible interpretations exist, there is no _factual_
>> basis available for preferring one over the other.
>
>Correct - however, you have stated that my interpretation is wrong - and
>WITHOUT proof.

Proof of the "wrongness" of your interpretation has been provided:
1) disproof by counter-example, regarding things that you assert "cannot
happen".
2) identification of 'post hoc, ergo propter hoc' fallacious reasoning.
3) identification of assertations of "!a->!b", based on a "a->b" statement
4) identification of assertations of "b->a", based on a "a->b" statement
5) identification of assertations that "for EVERY X, a->b", based on the
actual statement that "for *some* X, a->b"

>> Asserting that one particular interpretation "must be true". only shows the
>> bias and intellectual dishonesty of the the party making the claim.
>
>I never said that my interpretation was the only one -

Nah. you just asserted that your interpretation "MUST" be correct -- that it
is the "only possible way" to read/interpret the published materials.

>> >> >> FACT: if you have a "small" spammer (sending only 100k spam
>messages/day)
>> >> >> sitting on one address, and 255 'good' users (sending 50 legitimate
>> >emails/day
>> >> >> each), occupying the other addresses in that /24 block, the odds of
>> >a 'random'
>> >> >> email received from "somewhere in that block" being spam are
>roughly 9:10.
>> >> >
>> >> >However, in that case, SPEWS should list the SINGLE spammer
>address and NOT
>> >> >LIST the /24 netblock which includes MANY non-spamming addresses
>(quite far
>> >> >from the "few or no[ne]" standard SPEWS claims it applies).
>> >>
>> >> Why? Serious question, _why_ should they do that? If the probabilities
>> >> are 80% (or better) that _any_ message from that /24 is spam, WHAT
>IS WRONG
>> >> with declaring "it is too much trouble to try to sort out the good
>stuff from
>> >> the bad stuff, so I'm going to reject _all_ of it"?
>> >
>> >In your example, the probability never reaches 80%. It in fact stays at less
>> >than 1% (exactly 1 in 256). The volume of mail is irrelevent to the
>> >computation of the probability. It is only the source IP address
>that counts -
>> >because that is what is evaluated - it's the sole criterion.
>>
>> Yet another Stussey Lie(TM)
>> Yet another Stuusey Fraudulent Statistic(TM)
>>
>> If I recieve 10,000 pieces of mail from an address-block -- 9,999 of them
>> spam, coming from 1 address, and 1 'legitimate' one from a 2nd address, then
>> 99.99% of the _messages_ I received from that address-block *are* spam.
>> The probability that "any arbitrary message" received from that netblock
>> is spam is 99.99%
>>
>> Yes, only 50% of the _sources_ are generating spam, but 99.99% of the
>> _messages_ are spam.
>
>And since your sole criterion is the SOURCE, with your two sources, the
>PROBABILITY is 50% each. The statistical history is the combination of
>probabilities that have occurred - but they in no way affect the probability
>of the sources.

"Figures don't lie, but liars can figure".

If I get 10,000 pieces of mail from that address-block, and 9,999 of them
are spam, with only *one* valid message, you claim 50% of the *MESSAGES*
are valid mail?

By your 'logic', someone who asks *one*question* -- "would SPEWS accept this
message, or not" -- the world is divided into just two groups. and that
therefore, the "odds" of any piece of mail being blocked are 50%.

Or that the 'world' can be divided into two groups, those who use SPEWS, and
those who do not. *Every* message sent is delivered to a server in one of
those two groups. Whatever the server is, it is covered by one of ONLY TWO
possibilities Therefore, by your assertations, the probability is 50% that
it will be handled by a mail-server using SPEWS.

>> >> >In SPEWS' view, it may very well have a higher probability of being -
>> >but that
>> >> >does not mean that it actually is. Furthermore, on a per-address
>basis for
>> >> >your /24 example above with 1 spammer and 255 non-spammers, the
>> >probability for
>> >> >any mail from that netblock being spam is still 0.391% spam and 99.609%
>> >> >NON-SPAM should the entire netblock be listed. Remember that
>> >quantity doesn't
>> >> >matter as the only criterion checked is the source IP address.
>> >>
>> >> Are you really _that_ ignorant of basic statistics?
>> >
>> >No. Apparently you are. It's not the VOLUME of the mail (which you
>correctly
>> >state below does equate to the NUMBER OF LOOKUPS performed). It's a
>matter of
>> >WHAT one looks up. The correct item to enumerate across for computing the
>> >probability is the IP address - and that is 1 in 256 in your example. It
>> >doesn't matter that one address is looked up more often than the others. The
>> >probability of ANY address in that block remains the same.
>>
>> The probability of _messages_ being spam is proportional to the volume of
>> messages being recieved. The problem with spam _is_ that they generate
>> thousands, if not millions of times more messages than 'legitimate' sources
>> do.
>
>No, it's not - not in your given example. Your list contains NO VOLUME
>information. It contains only source information, and in that, you already
>know: Spammer (1 in 256) and non-spammer (255 in 256) - because that was
>given.

Lets see what you _really_ know about probability theory;
Given:
two "crooked" coins,
coin 'A' will come up heads 99.990% of the time
coin 'B' will come up tails 60.000% of the time.
for _each_ trial one of the two coins is selected "at random", and flipped.

for any given coin-flip, what is the probability of getting "heads".

>
>It may be true that statistically, more of your lookups may indicate that it
>came from the spam source, but that's not the probability of it actually coming
>from that spam source.

If source A sends me 99 messages, for every message source B sends me. it
*is* 99 times more likely that any message will be from source A than from
source B.

>> >In coin flipping, the probability of heads vs. tails is 50% for each. It may
>> >be astronomical to have 100 heads in a row, but the probability for heads
>> >showing up on the 101st flip REMAINS 50%.
>> >
>> >> There are 100,000 spam messages flowing from 1 address, and 50 non-spam
>> >> messages flowing from each of 255 other addresses ("non-spam" total 12,750)
>> >> This means that there are a grand total of 112,750 messages/day flowing
>> >> out of that netblock.
>> >> For the sake of simplicity, postulate that they go to 112,750 different
>> >> users, at 112,750 different places.
>> >> This means that there are 112,750 _separate_ spam-detection tests done.
>> >> 88.7% of those tests come up 'spam positive'.
>> >> 11.3% of those tests come up 'spam negative'.
>> >> 88.7% of _all_ the mail out of that block tests "spam positive'.
>> >
>> >However, that isn't the probability of any ONE message being positive.
>>
>> The probability of any one message being spam is *precisely* the the
>> fraction of _all_ messages that _are_ spam.
>>
>> > That
>> >probability REMAINS 1 in 256 (for your example). Across those 256
>sources, the
>> >probability is 100% from the single spammer and 0% from the other 255 users.
>>
>> The probability of any particular _source_ being spam is not the same as
>> the probability of a particular _message_ being spam.
>
>Exactly. Maybe now you recognize that you're measuring the wrong quantity.

It can be equally asserted that *YOU* are measuring the wrong quantity.

If the likelihood that the _message_ is spam is excessively high, I don't
want to waste my time making an exhaustive determination.

If 99.75% of the _messages_ out of that address-space are spam, and it
takes me 1000x more resources to make an exhaustive examination of a given
message, I can 'miss' 997 spam messages, and get 3 false-positive rejections
at what it would 'cost' to do an exhaustive examination of *one* message.

>> >> Thus the probability of _any_given_message_ from "somewhere" (exact
>location
>> >> unknown/unspecified) in that address-space returning 'spam
>positive' is 88.7%
>> >
>> >Invalid conclusion. History does not equate to probability. In the coin
>> >flipping analogy, it doesn't matter how many times one flips the coin: the
>> >probability of the outcome is not dependent on (or altered by) the history of
>> >what happened before. You have introduced a factor that doesn't
>belong there.
>>
>> You don't know statistics.
>
>You don't know probability, which is what we're discussing.

You don't know that of which you speak.

The probability of a given outcome occurring is *NOT* simply "one over (number
of possible outcomes)". If there are only 2 possible outcomes, but one
occurs 9 times out of ten, the probability of that outcome *is* 90%. (this
is 'tossing a _loaded_ die').

Your bogus assertation that the probability of the message being spam is 1/256,
has the *implied* assumption that mail from each of those addresses is
*equally*likely* to occur. Which is "False to Fact", as they say, when a
spammer is sending *thousands*of*times* as many pieces of mail as a legitimate
sender.

>For you to determine the probability based on volume, you have to keep a
>history of that volume. Where is that volume information in your simple IP
>address lookup? [It's not there.] Your volume information is statistical,
>not probabilistic.

What _I_ know, and what the SPARTICUS group may know, are totally different,
and unrelated, things.

If SPARTICUS has access to historical data showing 9,999 spam messages
originating from an address-block, and only one legitimate record from that
block, then it *is* a valid inference that the next item seen from that
address-block has a 99.99% likelihood of being a spam message. (note:
emails are _not_ 'independent' events, like coin-flips are.)

If SPARTICUS had access to historical data showing 19 spam messages
originating from an address-block, and only one legitimate record from that
block, then it *is* a valid inference that the next item seen from that
address-block has a 80% likelihood of being a spam message. (note:
emails are _not_ 'independent' events, like coin-flips are.)

The probability of the =message= being spam _does_not_change_ if the spam
volume is coming from one very active spammer, or 100 'small scale' spammers.

If you want to to a _real_ probability analysis, you have a tri-value for
each IP address the sum of the probabilities of:
"does not send any mail" in a given interval
"does send a single non-spam mail" in a given interval
"does send a single spam mail" in a given interval
Those three probabilities must sum to 1.0 for any given IP address.

Those numbers must be calculated separately for each address in the address-
block.

The probability that any particular address is a spam-source is:
"does send a spam message"
------------------------------------------------------------ --
("does send a spam message" + "does send a non-spam message" )

( if the particular address sends only spam, the value is 1.0 100% spammer,
( if the particular address sends *no* spam, the value is 0.0 0% spammer,)

Those _raw_ numbers *can* then be averaged -- assuming they all use the same
time-interval -- to get the probabilities for the block as a whole.

sum("does send a spam message" ) / N
------------------------------------------------------------ ---------
sum("does send a spam message" + "does send a non-spam message" ) / N

where 'N' is the number of addresses in the block.

Note: 1) the 'does not send any mail" addresses *completely* drop out of the
calculation. even those addresses were factored in.
2) 'N', in the numerator and denominator , cancels itself out. you can
just divide the two sums.

>> If the _only_ data you have to work with shows a record of all occurances
>> of one selection from a binary-valued set, then the *correct* estimation
>> of probability _from_that_data_ is that _that_ choice will occur 100% of
>> the time.
>>
>> >> You under-state the probability of any given message from that space as
>> >> being 'spam', by a factor of more than 226:1.
>> >
>> >Actually, you're overstating it - because you are trying to include a factor
>> >that has no bearing on the outcome of the test. The test is: What
>IP address
>> >is this from - the spammer or the non-spammers. Solely based on that, the
>> >probabilities are: Spammer - 1 in 256, and non-spammer - 255 in 256. It
>> >doesn't matter that the spammer sent out 226 times more mail; that's not what
>> >you're measuring. You're measuring the source address. That's all.
>>
>> I'm mesauring the probability that the _message_ is spam.
>> Not the probability that the message source is a spammer.
>
>Then you need a history of spam received. You don't have it. All you have is
>the source identified. Your measurement lacks a necessary factor needed to
>compute it.
>

*I* don't have to have a history. I'm not building the list. SPARTICUS group
would need access to such data. You *DON"T*KNOW* that they do not have it.

SPARTICUS group determined that the probabilities were 'unacceptably high'
_for_them_, based on the data they have available *to*them*. Unless you are
part of that group, you cannot know, nor can you assert anything about what
info they did, or did *not* use, in making that determination. And they are
under *no* "obligation" to anyone to disclose "everything they know" about
anything.

A user, making a "yes/no" query, neither knows, nor cares, _where_ the
SPARTICUS group drew the line in making the 'unacceptably high' determination.
The query is simply "is the probability of this being spam unacceptably high
by *their* standards? IF yes, that's 'good enough for me.'"

Available evidence -- from 3rd party reports that use SPEWS (the list) for
tagging -- indicates a less than 1% false-positive rate.

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 21.06.2005 01:40:02 von sethb

In article ,
D. Stussy wrote:
>On Sat, 18 Jun 2005, Seth Breidbart wrote:
>> In article ,
>> D. Stussy wrote:
>> ...
>> > If some distant relative that you never gave your mailbox address
>> >to sent you a mail "out of the blue," I seriously doubt that you would call it
>> >spam even though you never had given him consent. You would know by content
>> >that it wasn't.
>>
>> Depends on what he was trying to sell me. When he claimed that
>> another relative had died leaving umpteen million dollars he'd share
>> with me if I helped him bring it into the US I decided he was
>> spamming.
>
>So, you ADMIT that it is CONTENT, not consent, that is the determining factor?

No, I don't, because it isn't.

>Your relative, in that example, did not have consent. You should
>have rejected his message as spam - according to your definition -
>that it's about consent.

I give general consent to anybody to send me non-spam. If it isn't
bulk, it isn't spam. So my previously-unknown cousin isn't spamming
me, hence my consent.

>The second (above) you said that it "depends on what [the content
>is]," you shot your own definition, position, and argument in the
>foot.

But I don't believe it depends on the content, I was merely giving a
humorous counterexample to your claim. I should have realized it
takes intelligence to recognize humor.

Seth

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 21.06.2005 01:56:22 von sethb

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 21.06.2005 02:02:56 von sethb

In article ,
IANAL_VISTA wrote:
>"D. Stussy" wrote in
>news:Pine.LNX.4.62.0506191953550.104@kd6lvw.ampr.org:
>[...snipped...]
>>
>> It has failed at the purpose of stopping spam at its source - the
>> ultimate goal of any anti-spam device.
>
>Which available anti-spam device actually does stop spam at its source?

The backhoe (or fishing trawler) works close enough.

Seth

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 21.06.2005 14:17:28 von spamtrap

In <11bd4bjm0u12k35@corp.supernews.com>, on 06/20/2005
at 09:50 AM, bonomi@host122.r-bonomi.com (Robert Bonomi) said:

>You can 'disagree' with where they choose to draw the line, but there
>is *NOTHING* that makes _your_opinion_ any more or less 'right' than
>their opinion about the matter. They chose 'more warning', you
>would choose 'fewer false positives'. Neither position is more
>'right' than the other one.

Close. The operators of SPEWS have access to data on the FN and FP
rates on their own systems. So they can *objectively* evaluate the
degree to which the listings meet their stated goals; something that,
as outsiders, we (TINW) cannot do. Note that this is a very different
question from whether their data are useful for your servers.

>I will only go as far as "might be so considered, *by*some*people*".

How about "might be deliberately so misconstrued, *by*some*people*"
While they could certainly make the FAQ clearer, it is already quite
explicit and the spam apologists ignore and lie about what it says;
were SPEWS to rewrite it in simpler and even more explicit terms, I
doubt that you would see any fewer lies and misconceptions about it
than you do now.

--
Shmuel (Seymour J.) Metz, truly insane Spews puppet

Unsolicited bulk E-mail will be subject to legal action. I reserve
the right to publicly post or ridicule any abusive E-mail. Reply to
domain Patriot dot net user shmuel+news to contact me. Do not
reply to spamtrap@library.lspace.org

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 23.06.2005 13:33:06 von k4yz

Robert Bonomi wrote:
> In article ,
> D. Stussy wrote:

> >Not a lie - a conclusion: "... even before they start spamming." That means
> >that SPEWS intentionally lists current non-spamming addresses on the grounds
> >that they are FUTURE SPAMMERS - and without distinction from the CURRENT ones.
>
> Yet another Stussey Lie(TM)
> In the form of a deliberate 'out-of-context' quote with the "qualifying
> conditions" removed.

I am gald to see that Dieter Stussy has found yet another group to
while away his hours in.

He's a wiley one.

Mr Stussy has spent many hours posting in an Amateur Radio related
newsgroup making slanderous accusations against the owner/operator of
an AR-related news service, claiming fraud, deceit, mis-reporting, etc.

None of it true, but he does so enjoy doing it.

He also accused said organization of "spamming" the Amateur Radio
related newsgroup with real news about Amateur Radio...

One has to question his logic.

His ONLY interest was that one of the the principal parties in the
other organization had allegedly "misreported" on a story involving
some friends of his.

Now he's made it his mission to lie, deceive and harass that
organization, despite being a benevolent organization that routinely
dispenses scholarships for teens in engineering disciplines.

Dieter has repeatedly insisted that he was going to "file charges"
at "any moment" with appropriate tax enforcement officers or the CA
State AG, but he never does it.

Then this past March, he suddenly reappeared in the group accusing
me of "talking behind (his) back" in a different forum, calling me a
"weasel", a "back stabber", and using several other rather profane
adjectives, all alledgedly due to "not facing (him) like a man"...

The "other forum" was another newsreader that picks up Google
Groups and re-posts them. When the headers and attributes were
presented to Dieter showing him that no such offense took place, he
refused to acknowledge them or apologize for the abusive conduct or
behaviour.

Seems the one who doesn't like to "face" things is Dieter Stussy.

Enjoy! He's quite a character!

Steve in Winchester, TN

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 25.06.2005 08:54:36 von unknown

Post removed (X-No-Archive: yes)

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 25.06.2005 09:15:23 von unknown

Post removed (X-No-Archive: yes)

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 25.06.2005 19:56:27 von Mark Crispin

On Sat, 25 Jun 2005, D. Stussy wrote:
> On Thu, 23 Jun 2005 k4yz@aol.com wrote:
> [long catfight snipped]

For the benefit of people who can not interpret amateur radio callsigns, a
four-character callsign such as K4YZ identifies a very senior member of
that community. KD6LVW does not.

It's occasionally enjoyable (and educational) to watch a catfight in the
ham radio community. At the age of 11, I got the familiar "we don't want
kids, LIDs, or space cadets" brushoff. It was common in the 1960s. This
kid gave up.

After decades of destructive catfighting and counter-productive elitism,
hams are left wondering why their numbers are dwindling. Once they used
the license examinations to "keep the bastards out". Now they give you
all the test questions and answers in advance. It hasn't helped.

I count among my friends several hams with four-character callsigns who
don't fit the above description. But they'd be the first to admit the
truth in what I'm saying.

To be fair, technology also had a hand. In a day and age of ubiquitous
email, cell and satellite phones that work anywhere in the world, and
cheap IDD, getting a QSL card from Outer Mongolia is no longer a big deal.

I said that it was educational; it's a warning to the rest of us.

The messaging (email/news) community is not growing. Recently, users have
started to abandon messaging due to the behavior of others. It isn't just
spammers and phishers. It's also the self-proclaimed "experts" who spit
venom at innocent people who had the temerity to ask a novice question.

I would like to end this message with a plea. We know who are the
destructive individuals on comp.mail.misc. Shun them. Don't answer them.
If you must answer, confine your answer to technical issues.

comp.mail.misc was once a useful technical community, and it can be again,
if we stop enabling destructive behavior.

-- Mark --

http://staff.washington.edu/mrc
Science does not emerge from voting, party politics, or public debate.
Si vis pacem, para bellum.

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 26.06.2005 04:01:21 von Steve Baker

On Sat, 25 Jun 2005 10:56:27 -0700, Mark Crispin
wrote:

[snip excellent article]

He's talking about you, Sam. Playing with Beavis is fine, but you can
be just as rude to an innocent poster as Beavis. Comp.mail.MISC implies
that newbie questions should be welcomed, not ridiculed.

Steve Baker

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 26.06.2005 05:05:29 von Alan Connor

On comp.mail.misc, in
, "Steve Baker"
wrote:

> On Sat, 25 Jun 2005 10:56:27 -0700, Mark Crispin
> wrote:
>
> [snip excellent article]
>
> He's talking about you, Sam. Playing with Beavis is
> fine,

How does he "play with me"? I don't ever read his posts.
I wouldn't even know he calls me "Beavis" if someone hadn't
told me in an email.

All he does is play with himself.

> but you can be just as rude to an innocent poster as
> Beavis.

And YOU can be a complete asshole.

> Comp.mail.MISC implies that newbie questions should be
> welcomed, not ridiculed.
>
> Steve Baker

They also should be able to obtain accurate information about
everything to do with electronic mail.

And the amount of mis/dis-information you and others here
have posted about Challenge-Response mail filters is
staggering.

Of course, it hasn't worked at all. Challenge-Response filters
become more and more popular every day.

They are hated by spammers and people who hire spammers, and
people who make a living as spam-fighting professionals,
because they are so easy to use and because the spammers
can't beat them.

Trolls hate them too, because they reject anonymous mail.

Have you noticed that the amount of pro-C/R material on the
Web now vastly overwhelms the amount of dis-information posted
by pro-spammers? Wasn't like that a few years ago.

While you and your pro-spam cohorts have been attacking me
here, I have been posting C/R FAQ's all over the Usenet.
For years.

Careful, scripted, multi-posting. From different servers and
in dozens of different formats and on very irregular schedules
and with different aliases. A lot of them disguised as ordinary
posts. All with the X-No-Archive: yes header, to avoid leaving
tracks.

On tens of thousands of newsgroups, Though never on the mail
groups: Most of the people that hang out there are spammers,
anyway.

The FAQ contains links to all of the available software and ISPs
that offer C/R service, and to the pro-C/R websites, just for
starters. The disguised ones had a link to the real FAQ.
People who were interested just copied the posts or the link(s).
Thousands of them have mailed me at one of my dozens of email
addresses. (The one I post in my sig here is just another trick
to keep you feebs distracted. I don't get ANY important mail
there.)

You are SO fucking stupid.

Like all spammers and trolls.

All I had to do to distract you was pretend like I cared about
the transparent lies you all have been posting, or post
something from one of the pro-C/R websites.

But the war is over. You've lost.

Kiss my ass. Again.

AC

--
alanconnor AT earthlink DOT net
Use your real return address or I'll never know you
even tried to mail me. http://tinyurl.com/2t5kp
~

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 26.06.2005 05:52:43 von Alan Connor

On comp.mail.misc, in , "Alan Connor" wrote:
>
>
> On comp.mail.misc, in
>, "Steve Baker"
> wrote:
>
>
>> On Sat, 25 Jun 2005 10:56:27 -0700, Mark Crispin
>> wrote:
>>
>> [snip excellent article]
>>
>> He's talking about you, Sam. Playing with Beavis is
>> fine,
>
> How does he "play with me"? I don't ever read his posts.
> I wouldn't even know he calls me "Beavis" if someone hadn't
> told me in an email.
>
> All he does is play with himself.
>
>> but you can be just as rude to an innocent poster as
>> Beavis.
>
> And YOU can be a complete asshole.
>
>> Comp.mail.MISC implies that newbie questions should be
>> welcomed, not ridiculed.
>>
>> Steve Baker
>
> They also should be able to obtain accurate information about
> everything to do with electronic mail.
>
> And the amount of mis/dis-information you and others here
> have posted about Challenge-Response mail filters is
> staggering.
>
> Of course, it hasn't worked at all. Challenge-Response filters
> become more and more popular every day.
>
> They are hated by spammers and people who hire spammers, and
> people who make a living as spam-fighting professionals,
> because they are so easy to use and because the spammers
> can't beat them.
>
> Trolls hate them too, because they reject anonymous mail.
>
> Have you noticed that the amount of pro-C/R material on the
> Web now vastly overwhelms the amount of dis-information posted
> by pro-spammers? Wasn't like that a few years ago.
>
> While you and your pro-spam cohorts have been attacking me
> here, I have been posting C/R FAQ's all over the Usenet.
> For years.
>
> Careful, scripted, multi-posting. From different servers and
> in dozens of different formats and on very irregular schedules
> and with different aliases. A lot of them disguised as ordinary
> posts. All with the X-No-Archive: yes header, to avoid leaving
> tracks.
>
> On tens of thousands of newsgroups, Though never on the mail
> groups: Most of the people that hang out there are spammers,
> anyway.
>
> The FAQ contains links to all of the available software and ISPs
> that offer C/R service, and to the pro-C/R websites, just for
> starters. The disguised ones had a link to the real FAQ.
> People who were interested just copied the posts or the link(s).
> Thousands of them have mailed me at one of my dozens of email
> addresses. (The one I post in my sig here is just another trick
> to keep you feebs distracted. I don't get ANY important mail
> there.)
>
> You are SO fucking stupid.
>
> Like all spammers and trolls.
>
> All I had to do to distract you was pretend like I cared about
> the transparent lies you all have been posting, or post
> something from one of the pro-C/R websites.
>
> But the war is over. You've lost.
>
> Kiss my ass. Again.
>
> AC
>
> --
> alanconnor AT earthlink DOT net
> Use your real return address or I'll never know you
> even tried to mail me. http://tinyurl.com/2t5kp
> ~

What the hell. The war is over. Here's how I did it, Fools:

Post number one (aliase one, newsserver one) to new group:

"I know this is off-topic, but we are all on the
internet, right?

Does ANYONE know any good programs for getting rid of the
spam?

It is driving me CRAZY."

Wait for responses, reply with alias one, who knows nothing
about email, wait for 3000-5000 minutes.

Post number two (aliase two, newsserver two):

"I hear that Spamassassin (etc.) is pretty good....."

Wait for responses, reply with alias one and two.

Post number three (aliase three, newsserver three):

"I gotta tell you that I've tried everything, and
the only ones that work are these:

A dozen variations on the above. A dozen different
links to the FAQ(s).

All done with a script I wrote. No work at all. I'd
just take a look at the last time I ran it, and if it
seemed right, run it again, with the number of new
groups to take next from the randomized list the only
commandline option.

Which left me free to keep you clowns busy here.

:-)

Thank you Sun-Tzu.

--
Please visit my home page:
http://angel.1jh.com./nanae/kooks/alanconnor.html

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 26.06.2005 06:03:18 von Steve Baker

On Sun, 26 Jun 2005 03:05:29 GMT, Alan Connor wrote:

>On comp.mail.misc, in
>, "Steve Baker"
>wrote:
>
>
>> On Sat, 25 Jun 2005 10:56:27 -0700, Mark Crispin
>> wrote:
>>
>> [snip excellent article]
>>
>> He's talking about you, Sam. Playing with Beavis is
>> fine,
>
>How does he "play with me"? I don't ever read his posts.
>I wouldn't even know he calls me "Beavis" if someone hadn't
>told me in an email.

Liar.
Beavis, your killfile is apparently broken. I'm in it, remember? I
think I'm even supposed to be a Sam sock, so you really have no excuse
for following up to me.
....
>Careful, scripted, multi-posting. From different servers and
>in dozens of different formats and on very irregular schedules
>and with different aliases. A lot of them disguised as ordinary
>posts. All with the X-No-Archive: yes header, to avoid leaving
>tracks.

You're too funny. You're vehemently against spam, yet you *brag*
about being a usenet spammer. Heh.

>On tens of thousands of newsgroups, Though never on the mail
>groups: Most of the people that hang out there are spammers,
>anyway.

I thought they were mostly Sam?

I'm curious, have you been diagnosed by a professional? You're an
enigma. You have a way with words when it comes to being an obnoxious
wanker, and you're handy with procmail, but you're always stepping on
your dick when it comes to anything related to how email or usenet
work. Usenet is kinda tricky, but email is pretty straightforward. Why
haven't you taken a little time to learn how email works? Doesn't your
dick get sore when you step on it?
....

Steve "Sam" Baker

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 26.06.2005 06:11:55 von Sam

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 26.06.2005 06:17:13 von Sam

Alan Connor, Usenet Beavis (was Re: Recent NANAE Flood)

am 26.06.2005 06:23:46 von Sam

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 26.06.2005 06:57:56 von Steve Baker

On Sat, 25 Jun 2005 23:11:55 -0500, Sam wrote:

>Steve Baker writes:
>
>> On Sat, 25 Jun 2005 10:56:27 -0700, Mark Crispin
>> wrote:
>>
>> [snip excellent article]
>>
>> He's talking about you, Sam.
>
>Perhaps, perhaps not. I doubt that I'll ever care.

That's what he's talking about.

>> Playing with Beavis is fine, but you can
>> be just as rude to an innocent poster as Beavis.
>
>And I should care because?

That's what he's talking about.

>> Comp.mail.MISC implies
>> that newbie questions should be welcomed, not ridiculed.
>
>There's a very fine difference between a newbie with a potential, and a
>dumbass.

Are you sure you're qualified to draw that line? And why do you
bother drawing such lines? Why do you mock folks who are, in your
opinion, on the wrong side of the line? Can't you get your mocking
jollies some other way than ridiculing the innocently ignorant?

Mocking Beavis doesn't satisfy your mocking urges? Jeez, he's the
freaking motherlode of material, you got it bad. ;-)

Steve Baker

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 26.06.2005 07:17:48 von Alan Connor

On comp.mail.misc, in , "Alan Connor" wrote:

"Steve Baker"

Nope. I don't read posts of yours that are addressed to me.
Nor any responses to them. Heard all of your lies and
childish abuse before.

I post what I want on the Usenet, and you live with it.

AC

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 26.06.2005 08:45:43 von Steve Baker

On Sun, 26 Jun 2005 05:17:48 GMT, Alan Connor wrote:

>On comp.mail.misc, in , "Alan Connor" wrote:
>
>
>
>"Steve Baker"
>
>Nope. I don't read posts of yours that are addressed to me.

Addressed to you? Heh. Your killfile is really something! Here's the
problem with your killfile. It relies on your brainpower. So it doesn't
work.

Steve Baker

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 26.06.2005 15:24:16 von Sam

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 26.06.2005 15:29:14 von Sam

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 27.06.2005 05:58:11 von Steve Baker

On Sun, 26 Jun 2005 08:24:16 -0500, Sam wrote:

>>>> He's talking about you, Sam.
>>>
>>>Perhaps, perhaps not. I doubt that I'll ever care.
>>
>> That's what he's talking about.
>
>So, let him talk. It's a free country. He can talk about me as much as he
>wants.

Actually, I wasn't thinking that he was talking about you
specifically, just that you fit the bill. Maybe he was talking about
you specifically, I dunno. But you are an expert(1), and you do
contribute to making comp.mail.misc a newbie-hostile environment. And
you don't care that that's what you're doing (saying that you haven't
bitten off any newbie's head recently isn't exactly a denial). That's
what he was talking about.

1. One of the most amusing posts I ever read in NANAE was when you and
Vernon were jawing about POP servers and lock files. You had him backed
into a corner and then he said something like "I just remembered that
you're supposed to be in my killfile. Sorry, can't talk any more. Bye."

Steve Baker

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 27.06.2005 06:07:18 von unknown

Post removed (X-No-Archive: yes)

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 27.06.2005 06:45:14 von Alan Connor

On comp.mail.misc, in
, "D. Stussy"
wrote:

> Eliminate Alan Connor (from the group) and it will be again.

You've been trying for years.

If you didn't have the brains of a spammer, you'd have realized
that hot air just won't do the job.

On the Usenet or on the Web or through the mails.

Neither will complaints to Earthlink with altered C/Rs from
me as alleged evidence of alleged wrong-doing.

But feel free to do it some more: They are keeping your
mails, I assure you.

AC

--
Please visit my home page:
http://angel.1jh.com./nanae/kooks/alanconnor.html
alanconnor AT earthlink DOT net
http://tinyurl.com/2t5kp

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 27.06.2005 08:18:00 von Andre Kostur

"D. Stussy" wrote in
news:Pine.LNX.4.62.0506251950540.72@kd6lvw.ampr.org:

> On Sat, 25 Jun 2005, Mark Crispin wrote:
>> On Sat, 25 Jun 2005, D. Stussy wrote:

>> ...
>> I would like to end this message with a plea. We know who are the
>> destructive individuals on comp.mail.misc. Shun them. Don't answer
>> them. If you must answer, confine your answer to technical issues.
>>
>> comp.mail.misc was once a useful technical community, and it can be
>> again, if we stop enabling destructive behavior.
>
> Eliminate Alan Connor (from the group) and it will be again.

While some may contend that it's futile... to be fair, Alan seems to know
procmail fairly well. (I say "seems to know" as I haven't personally
tested his answers since I don't have the need. As a result he gets the
benefit of the doubt that he does know what he's talking about W.R.T.
procmail at least...)

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 27.06.2005 09:10:56 von Alan Connor

On comp.mail.misc, in
, "Andre
Kostur" wrote:

> "D. Stussy" wrote in
> news:Pine.LNX.4.62.0506251950540.72@kd6lvw.ampr.org:
>
>> On Sat, 25 Jun 2005, Mark Crispin wrote:
>>
>>> On Sat, 25 Jun 2005, D. Stussy
>>> wrote:
>
>>> ............................................................ .
>>> I would like to end this message with a plea. We know who
>>> are the destructive individuals on comp.mail.misc. Shun
>>> them. Don't answer them. If you must answer, confine your
>>> answer to technical issues.
>>> comp.mail.misc was once a useful technical community, and it
>>> can be again, if we stop enabling destructive behavior.
>>
>> Eliminate Alan Connor (from the group) and it will be again.
>
> While some may contend that it's futile... to be fair, Alan
> seems to know procmail fairly well. (I say "seems to know" as
> I haven't personally tested his answers since I don't have the
> need. As a result he gets the benefit of the doubt that he
> does know what he's talking about W.R.T. procmail at least...)
>

Thanks for the benefit of the doubt, Andre.

I know procmcail pretty well. It's an amazing tool. There are
others here that know it better and I am always hoping they will
post solutions for procmail questions, so I can study them.

The only people that don't want me here are trolls and
pro-spammers.

(The number of people with a few [or many] computer skills that
dream of getting rich selling stuff on the Internet, which
requires spamming and seo and html, is staggering.

As are the number of people who think that everyone in
the world has to accept and read any mail they feel
like sending.)

They are the only ones with a need to fear Challenge-Response
mail filters, because they can't beat them.

I don't care what they think. Or post.

They are mosquitos buzzing around in the next county.

AC

--
Please visit my home page:
http://angel.1jh.com./nanae/kooks/alanconnor.html

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 27.06.2005 23:29:09 von Hesiod

["Followup-To:" header set to comp.mail.misc.] On Mon, 27 Jun 2005
06:18:00 GMT, Andre Kostur wrote in
:
> "D. Stussy" wrote in
> news:Pine.LNX.4.62.0506251950540.72@kd6lvw.ampr.org:
>
>> On Sat, 25 Jun 2005, Mark Crispin wrote:
>>> On Sat, 25 Jun 2005, D. Stussy wrote:
>
>>> ... I would like to end this message with a plea. We know who are
>>> the destructive individuals on comp.mail.misc. Shun them. Don't
>>> answer them. If you must answer, confine your answer to technical
>>> issues.
>>>
>>> comp.mail.misc was once a useful technical community, and it can be
>>> again, if we stop enabling destructive behavior.
>>
>> Eliminate Alan Connor (from the group) and it will be again.
>
> While some may contend that it's futile... to be fair, Alan seems to
> know procmail fairly well. (I say "seems to know" as I haven't
> personally tested his answers since I don't have the need. As a
> result he gets the benefit of the doubt that he does know what he's
> talking about W.R.T. procmail at least...)
>

I don't care how much he knows. He reads man pages, he spews back what
he reads. He is a jerk and a mean-spirited paranoiac who can't seem to
converse politely with anyone unless he feels he is in the position of
'instructing' them. He has no 'art.' Just having answers is not good
enough. It matters to me who and where I get my answers from. For every
AC answer there is an alternative, frequently better one, and I choose
to accept the latter.

The fact that he calls "spammer" and "sock" on anyone who even ever so
slightly challenges his posts is enough to demonstrate that he has
serious problems.

--
"Never put off till tomorrow what you can do the day after."
--Alphonse Allais

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 29.06.2005 11:34:28 von k4yz

D. Stussy wrote:
> On Thu, 23 Jun 2005 k4yz@aol.com wrote:

> > He also accused said organization of "spamming" the Amateur Radio
> > related newsgroup with real news about Amateur Radio...
>
> ...And rightfully so.

Snip.

Nope.

Just a "terror campaign" byt Dieter Stussy because he didn't get
his way.

> > His ONLY interest was that one of the the principal parties in the
> > other organization had allegedly "misreported" on a story involving
> > some friends of his.
>
> Wrong. My MOTIVATION is that they intentionally slandered my friend.

Nope.

You just didn't like the way the story was reported.

Seems no one BUT you has made any issue about it.

That may make you a devoted friend, but it also makes you look
pretty foolish for constantly waving the dirty laundry around.

> That only caused me to dig deeper and see whether they were violating any [other]
> law. I found that they may be, and initially asked for PUBLIC COMMENT on the
> issue. Then, I end up with a whole bunch of personal attacks from this Steve
> Robeson - an Alan Connor clone for rec.radio.amateur.policy as far as I'm
> concerned.

And the comment, from almost every corner was and still is that
Dieter Stussy didn't/doesn't have a leg to stand on...

Imagine that.

> > Now he's made it his mission to lie, deceive and harass that
> > organization, despite being a benevolent organization that routinely
> > dispenses scholarships for teens in engineering disciplines.
>
> Their mismanagement of funds is their own doing.

So far no one's proven they've mismangaged so much as the price of
a can of Coke.

Just some silly, unfounded accusations from a snot nosed brat.

> > Dieter has repeatedly insisted that he was going to "file charges"
> > at "any moment" with appropriate tax enforcement officers or the CA
> > State AG, but he never does it.
>
> I'm still not conviced which is the appropriate agency. BTW, you can't even
> get that one correct - I never mentioned the State's AG among the
> possibilities.

Now I can officially call you a documented liar.

You did on at least two occassions.

> > Then this past March, he suddenly reappeared in the group accusing
> > me of "talking behind (his) back" in a different forum, calling me a
> > "weasel", a "back stabber", and using several other rather profane
> > adjectives, all alledgedly due to "not facing (him) like a man"...
>
> You did. When I searched for posts citing my name, ONLY yours showed up. It's
> interesting that my own posts did not show up - which would not be true if that
> other site's forum were simply a shadow of the newsgroup as you claimed it was.

The facts are that it was proven to be just as I said it was.

I can't atest as to why the "allaudio" site works (or doesn't
work) the way it does or why it picks and chooses the posts to parrot.

The FACTS are that you were proven wrong, yet to this date have
not been man enough to admit your mistake and apologize for it.

> > The "other forum" was another newsreader that picks up Google
> > Groups and re-posts them. When the headers and attributes were
> > presented to Dieter showing him that no such offense took place, he
> > refused to acknowledge them or apologize for the abusive conduct or
> > behaviour.
>
> Nor shall I ever - as I don't use any of Google's groups (nor any at Yahoo
> either).

So...You support abusive conduct and behaviour on the Internet.

Why am I not surprised...?!?!

> > Seems the one who doesn't like to "face" things is Dieter Stussy.
> > Enjoy! He's quite a character!
> >
> > Steve in Winchester, TN
>
> And you're still a weasel.

But you're a coward and now a documented liar.

I'll take the weasel.

Steve in Winchester.

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 29.06.2005 11:44:05 von k4yz

Mark Crispin wrote:
> On Sat, 25 Jun 2005, D. Stussy wrote:
> > On Thu, 23 Jun 2005 k4yz@aol.com wrote:
> > [long catfight snipped]
>
> For the benefit of people who can not interpret amateur radio callsigns, a
> four-character callsign such as K4YZ identifies a very senior member of
> that community. KD6LVW does not.

You're quite correct.

However this is not Amateur Radio. It's the Internet.

> It's occasionally enjoyable (and educational) to watch a catfight in the
> ham radio community. At the age of 11, I got the familiar "we don't want
> kids, LIDs, or space cadets" brushoff. It was common in the 1960s. This
> kid gave up.

I never heard the fellow you're talking about, however I've heard
the stories. It was a very tragic thing to have happen to Amateur
Radio.

> After decades of destructive catfighting and counter-productive elitism,
> hams are left wondering why their numbers are dwindling.

That's odd.

I wonder where you get your numbers at.

When I started out as a Novice in 1972, there were just a little
bit less than half of the numbers that there are now.

> Once they used
> the license examinations to "keep the bastards out". Now they give you
> all the test questions and answers in advance. It hasn't helped.

The FCC is not the only federal agency to publish not only the
questions, but answers to it's exams.

It's NOT a meaningful way to accurately determine competency.

> I count among my friends several hams with four-character callsigns who
> don't fit the above description. But they'd be the first to admit the
> truth in what I'm saying.

They be even MORE truthful if they ALSO admitted that there is NO
avocation that is without it's detractors and "misfits".

I know of one clod who flies RC airplanes from the opposite side
of a well known flying field, "attacks" the planes of other
enthusiasts, and uses his models to harrass pedestrians.

Should we therefore judge all RC model enthusiasts by this jerk?

> To be fair, technology also had a hand. In a day and age of ubiquitous
> email, cell and satellite phones that work anywhere in the world, and
> cheap IDD, getting a QSL card from Outer Mongolia is no longer a big deal.

It is to me!

You can apply the same rationale to fishing. Anyone can drag a
net through a lake or river and come up with fish.

It takes a certain amount of skill to come up with that "big one"
on a lure and rod!

Steve in Winchester

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 29.06.2005 12:02:33 von k4yz

D. Stussy wrote:
> On Sat, 25 Jun 2005, Mark Crispin wrote:
> > On Sat, 25 Jun 2005, D. Stussy wrote:
> > > On Thu, 23 Jun 2005 k4yz@aol.com wrote:
> > > [long catfight snipped]
> >
> > For the benefit of people who can not interpret amateur radio callsigns, a
> > four-character callsign such as K4YZ identifies a very senior member of that
> > community. KD6LVW does not.
>
> Wrong. That was changed in 1996 when the FCC rolled out their latest "vanity
> callsign" program. If you looked both of us up, you would find that we are both of the same class
> (level of license).

We are the same level of licensure, Dieter.

Heaven forbid I ever find myself in your "class".

> The only difference is that I've kept my original callsign
> since being continuously licensed while Steve has not. [Steve couldn't even
> decide on a single vanity call - he's had more than one - currently K4CAP,
> formerly K4YZ, and KC8M (the latter not under the current vanity program).]

You've had the same license plate on your car since your first
one, Dieter?

Lived in the same house since you were born?

Never change your underwear or cut your hair?

I was systematically issued KC8M when I made Extra in 1979. I had
no choice then. I took K4YZ when the Vanity system allowed it because
"YZ" was the tail modex of a USMC helo unit I used to be a member of.
I briefly took K4CAP for other reasons, but then took K4YZ back.

All very legal. And paid for per federal requirement. All a
matter of public record.

I was originally licensed since 1972. I was "QRT", or out of
Amateur Radio from October 1974 until March 1976 due to military
commitments. I've been continuously licensed since 1976 and an Extra
since December 1979.

My comments, Mr Crispin, were not necessarily Amateur Radio
related..It just happens that I am licensed in the Amateur service as
is Dieter. Dieter made accusations and threats in another forum and
then dodged acknowledging his error when his error was shown. Claimed
he was "too busy" doing things "in the real world" to take time to be
civil.

Seems he has lots of time here, which begs one to question his
honesty.

Steve in Winchester.

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 30.06.2005 18:51:15 von sethb

In article ,
D. Stussy wrote:
>On Mon, 20 Jun 2005, Seth Breidbart wrote:
>> In article ,
>> D. Stussy wrote:

>> >Your relative, in that example, did not have consent. You should
>> >have rejected his message as spam - according to your definition -
>> >that it's about consent.
>>
>> I give general consent to anybody to send me non-spam. If it isn't
>> bulk, it isn't spam. So my previously-unknown cousin isn't spamming
>> me, hence my consent.
>
>I don't see how you can give "general consent" to any previously unknown party
>without also including the entire public - which (unfortunately) includes
>spammers.

That's not a problem; spammers are welcome to send me individual
non-spam messages.

> Regardless, it wasn't consent that determined that it was spam or
>not - it was SOME OTHER QUALITY that it possessed.

That's right; the quality was BULK. A single message lacks the
quality of being part of a BULK sending, hence it isn't spam.

>You said it's about consent. However, I have given you an example where we
>removed consent from the equation....

No, where you claimed (wrongly) to remove it. Also, it's both consent
and BULK that matter; you're ignoring the BULK part.

> Without it, you should not have been
>able to determine a message's spam status at all - yet you claim to.

It's a thought experiment, I can know (or invent) any facts I need to.

>As I have said previously, how can an individual recipient know who
>else has also received the message when it's not stated in the
>message headers?

What good does "stating in the message headers" do? Those can easily
be forged.

> Prove to me that one can ALWAYS know a "bulk" email on sight.

Who cares? The definition of spam doesn't depend on someone always
being able to recognize it on sight.

Seth

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 11.07.2005 00:52:23 von unknown

Post removed (X-No-Archive: yes)

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 11.07.2005 01:07:48 von unknown

Post removed (X-No-Archive: yes)

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 11.07.2005 01:12:55 von unknown

Post removed (X-No-Archive: yes)

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 11.07.2005 01:23:30 von unknown

Post removed (X-No-Archive: yes)

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 11.07.2005 01:31:28 von unknown

Post removed (X-No-Archive: yes)

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 13.07.2005 04:20:13 von sethb

In article ,
D. Stussy wrote:
>On Mon, 27 Jun 2005, Alan Connor wrote:

>THe problem is that if your email (or spam) has reached procmail, you've
>already accepted responsibility for delivery (or for generating a bounce
>message) - and that's just too late. A message that is due to be rejected,
>tossed in the bit bucket, or otherwise not delivered should meet its fate as
>soon as possible - and that means that it should be killed in the MTA as
>delivery is [first] attempted. Procmail is too late in that process.

Not if procmail is set as the MDA; in that case, it can return a code
to the mailer, which returns it to the sender. But that isn't the
spamming troll's setup.

>> They are the only ones with a need to fear Challenge-Response
>> mail filters, because they can't beat them.
>
>Honest people "fear" C/R because they KNOW that spammers can abuse them. Only
>idiots put up systems for spammers to exploit (to spam even more people). AC
>is the top of that idiot list.

Right. I don't fear C/R, I'm just annoyed by it as I am by other
sorts of spam-emitting garbage.

Seth

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 30.07.2005 02:28:20 von sethb

In article ,
D. Stussy wrote:
>On Thu, 30 Jun 2005, Seth Breidbart wrote:
>> In article ,
>> D. Stussy wrote:

>> > Regardless, it wasn't consent that determined that it was spam or
>> >not - it was SOME OTHER QUALITY that it possessed.
>>
>> That's right; the quality was BULK. A single message lacks the
>> quality of being part of a BULK sending, hence it isn't spam.
>
>How did you determine that it wasn't bulk?

The definition does NOT depend on what it's easy for me to determine.

>If a spammer were to customize every message he sent by adding the recipient's
>name in the TEXT (i.e. body) of the message, no two messages would be
>identical (after ignoring headers), and thus there would be no implied evidence
>that anyone else received the same message (nor would they have - they would
>have received one customized to them).

They'd still be "substantively identical" which is the key factor.

>Please state the criteria by which a single recipient of a message can truly
>determine that such message was sent to other recipients when the message
>(presumedly by its headers) does NOT show such.

Probably he can't; that doesn't affect the _definition_.

>> >You said it's about consent. However, I have given you an example where we
>> >removed consent from the equation....
>> No, where you claimed (wrongly) to remove it. Also, it's both consent
>> and BULK that matter; you're ignoring the BULK part.
>So, it ISN'T about consent ALONE as you claimed?

Unsolicited (that's the part where consent matters) Bulk (see? that
also matters) Email.

> ...And CONTENT has nothing
>to do with it as you also claimed?

That's right. Unsolicited Bulk Email is spam.

>> >As I have said previously, how can an individual recipient know who
>> >else has also received the message when it's not stated in the
>> >message headers?
>> What good does "stating in the message headers" do? Those can easily
>> be forged.
>If the message is addressed to multiple recipients in the headers, it is clear
>that at least, it was INTENDED to be received by other recipients.

Or it was intended by the sender to make the recipient think so. I
can think of several reasons why one might do that (including one
someone I once knew did, though in snailmail rather than email).

> DUH! In
>order to be "bulk mail," there first must be multiple recipients (and then it
>becomes a valuation question of how many).

That's what I've been saying.

>> > Prove to me that one can ALWAYS know a "bulk" email on sight.
>>
>> Who cares? The definition of spam doesn't depend on someone always
>> being able to recognize it on sight.
>
>Your definition requires that it be identifiable as "bulk email."

No, my definition requires that it _be_ bulk.

> If you can't
>apply your definition to see if it fits, then what good is it.

There are a number of people who seem to think my definition of spam
is rather useful. GIYF.

Seth

Re: Recent NANAE Flood (was Re: Famous Hacker Uses Challenge-Responses)

am 08.08.2005 06:37:10 von unknown

Post removed (X-No-Archive: yes)