FC: Spam fighting as censorship, blocking legit email messages

[Declan McCullagh <declan () well com>]

[I will be on vacation in Big Sur until next Wednesday. --DBM]

*********

Date: Fri, 29 Oct 1999 15:03:58 -0400
To: declan () well com
From: Andrew Shen <shen () epic org>
Subject: Re: FC: Police raid noisy party hosted by government anti-noise  
committee

> Unfortunately, the HHS bureaucrats only put the proposed regulations online
> in WordPerfect form. Go figure.

Declan --

The 34 pages of regulations are available on the EPIC website,
http://www.epic.org in HTML and PDF.

Andy

*********

To: declan () well com
cc: politech () vorlon mit edu, gnu () toad com
Subject: Re: FC: US company bans email from all .co.uk addresses -- spammers! 
In-reply-to: <19991029181616.WRCZ20426 () alaptop hotwired com> 
Date: Fri, 29 Oct 1999 16:08:35 -0700
From: John Gilmore <gnu () toad com>
X-UIDL: babec9550b301d2e7b86731f7f71b899

> shows that problems can be fixed pretty quickly on both sides of the
> Atlantic: The overbroad spam block gets lifted, and the UK university gives
> the boot to the spammer. --DBM]

Actually what it shows is the opposite.  Internet users had to
complain to their correspondents using some other medium, like a
telephone.  Then those correspondents had to complain to their ISP
before they were "permitted" to receive mail from those
corerspondents.  This was not an isolated incident.  The tactics and
reactions of anti-spammers are far worse than the tactics of the
spammers.  Spammers don't prevent ordinary, legitimate mail from
getting through.  The anti-spammers regularly block real peoples' 
*wanted* email.

> IDT has now relaxed its bans. The University of Leeds has traced its
> problem to a security hole that allowed someone outside to use one of its
> servers to relay spam.

This was not a security hole at all.  Email transport agents are
designed to always forward mail onward toward its destination, and
have been designed that way from the beginning of the Internet.
Anti-spammers have seized on this as a "hole" that lets "unwanted"
people forward their email through third parties.  They have built
blacklists -- that's what they call them -- of sites that run mailers
which will try to deliver misdirected email rather than reject it.
Making such email "bounce" back to its sender is an abomination.  This
isn't a hole, it's a feature, and one that my friends regularly use as
their own ISP's make it harder and harder for them to deliver their
mail any other way.  (If you're a customer of, say, AOL, and you plug
your laptop into the Ethernet at a friend's office, AOL won't accept
your outgoing mail.  To be able to send mail to anyone, you'd have to
reconfigure your mailer to send it to somewhere else.  For people who
travel a lot and jack in anywhere, this is error-prone and tedious; it
quickly becomes intolerable.)

The problem exists because the anti-spammers can't strike out at the
spammers, because they can't easily identify them.  So they strike out
at a broad range of Internet users who look sort-of-like the spammers.
And they're so mad about spam that they don't particularly care who
gets hurt in the process.

I sent a short note to a colleague at CERN yesterday.  We both work
with the Internet Society, but usually see each other in mailing lists
rather than sending mail directly between us.  The message bounced at
CERN's mail gateway, with the message "toad.com: this domain is
banned."  A short complaint I sent to postmaster () CERN CH was returned
with the same remark.

Governments don't need to make us censor the Internet -- we're doing it
to ourselves.  And the people being censored are the ones who believe
in open communication, and having machines be helpful to misrouted mail
instead of hostile to it.

The real cure is to block only massive quantities of unsolicited email.
Small quantities of unsolicited email, like my note to CERN, should
go through.  Massive quantities of solicited email, such as mailing lists
that people deliberately subscribe to, should also go through.
Software can measure massive quantities (though no anti-spam software
currently does!!), but it can't tell whether the email is solicited or
not.  Making that judgment requires having humans in the
loop.  Rather than programming our machines to refuse all doubtful
communications and hoping any real people can find some other way to
reach us, we should program them to detect massive quantities and
delay the mail until someone spends two seconds to decide if it's
spam or legit.  Each of us does that every day in our email already,
but our software isn't automating it so that when the first fifty people
call it spam, the rest of us don't have to read it any more.

        John

*******

From: "David Smith" <david_smith () unforgettable com>
To: <declan () well com>
Subject: RE: US company bans email from all .co.uk addresses -- spammers!
Date: Fri, 29 Oct 1999 23:24:40 -0500
Message-ID: <NABBLEJKEPNIBFGBDJOKIEINDPAA.david_smith () unforgettable com>
MIME-Version: 1.0
Content-Type: text/plain;
        charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal

I'm continually amazed at how anti-spammers are given a free ride by the
press, by their customers, and by the online community.

You could write "Oh golly gee, I guess we went a little overboard going
after those nasty spammers" stories every single day of the week.

If this had been a censorware company, there would have been howls of
protest, but since we are talking about anti-spam efforts, the notion of
holding IDT accountable for their actions is unthinkable and unspeakable.

David Smith
david_smith () unforgettable com
http://www.aclutx.org/chapters/central


**********


--------------------------------------------------------------------------
POLITECH -- the moderated mailing list of politics and technology
To subscribe: send a message to majordomo () vorlon mit edu with this text:
subscribe politech
More information is at http://www.well.com/~declan/politech/
--------------------------------------------------------------------------