kasia in a nutshell: January 2004 Archives


January 30, 2004

If you're looking for dslreports.com tonight

Sorry, our ISP is having an issue.. they're working on it. I am aware, please stop paging me, IM'ing and e-mailing me, thank you :)

January 29, 2004

They do this to themselves

Microsoft's answer to the IE phishing bug..

The most effective step that you can take to help protect yourself from malicious hyperlinks is not to click them. Rather, type the URL of your intended destination in the address bar yourself. By manually typing the URL in the address bar, you can verify the information that Internet Explorer uses to access the destination Web site. To do so, type the URL in the Address bar, and then press ENTER.

I have a better solution, how about using a browser that is not vulnerable to a huge security hole that apparently the browser maker isn't in any hurry to fix?

At the risk of sounding geeky

Laughing yet? Good! That is funny.

I have recently discovered ddr (that's Dance Dance Revolution for those who never heard of it) and it's more fun than jumping on a pad to house pop music ought to be. Good source of exercise for the nasty winter days when running outside is not an option and the treadmill sounds about as appealing as writing CS I projects.

Next time I'm in California (CT is amazingly arcade-poor) I'll have to visit an arcade and make a fool out of myself in public on a nice, metal pad. (Hi Matt!)

(Stats? I'm getting As and AAs in "light mode" songs but still have problems with "standard mode".. I'll get better!).

January 25, 2004

Collateral damage in war against spam

Blacklisting IP addresses of spammers is a common and effective method of keeping spam away from our inboxes. There are many excellent lists that can be used for this purpose. Personally I like ordb which is a list of open relays and sbl.

Another list is SPEWS which goes a step further than the majority of lists and blacklists entire IP blocks of ISPs known to host spammers. On the surface this may seem like a good idea - after all, if an ISP hosts a spammer it is more likely to host more spammers and blocking the entire range may be useful in stopping such future crops of bad guys. This feeling quickly goes away when one realizes that innocent customers of the same ISPs are also blocked by the list -- without a chance of being removed until the ISP cleans up its act. In other words, they're collateral damage and this seems acceptable to those behind the list.

DSLReports found itself in just such a situation recently as I discovered the reason some of our users were not receiving their requested email is due to ISPs filtering their incoming traffic through SPEWS. There is another factor to consider here.. the IP of our server is blacklisted at level 2 which, according to SPEWS FAQ should only be used if someone wants to filter their email very aggressively. It isn't surprising that with the ever increasing deluge of spam a couple ISPs would follow the advice of "professionals" and use the more aggressive method of filtering their traffic. (Incidentally, I have been asked by several people to expose the ISP(s) who are filtering at this level but I refuse to start a witch hunt and will not do this).

To make the long story short, the article Karl and I wrote created some noise (slashdot, etc) and grabbed the attention of news.admin.net-abuse.email, which is the newsgroup you're directed to when you wish to be removed from the SPEWS blacklist. We followed up with an interview with the CEO of our ISP and it seems nac is well on their way to cleaning up house with 3 listings remaining on spamhaus down from 12 just a few days ago. Not bad, hopefully it'll be zero very soon.

Of course, what this results in is claims that "DSLR showed that SPEWS works". Well, not really. Yes, we did manage to grab the attention of our ISP and get the CEO involved in cleaning up their abuse department.. that's true, but this is because we are a relatively well known site and can create enough noise to be a pain. Your average ISP customer does not have that leverage. So, yes, it worked, nac is cleaning house, but no, this does not prove the method of blacklisting entire block ranges works in the long run. Not to mention that if we were approached with "hey guys, nac is a pain, help us" we probably would have.. nobody wants to be associated with what is seen as "spam friendly ISP". Of course, case might be made that we should have been watching the lists and seen this sooner, but neither of these things happened and 'what ifs' aren't very productive.

In the last few days I have read many arguments for the way SPEWS operates and many against it.. What it boils down to for me, is that the people behind SPEWS do not see anything wrong with the collateral damage of blacklisting innocent people who may not have the resources to affect how their ISP operates and are only left with the choice of either switching to a different provider (not always possible or easy as anyone with a website knows) or routing email through an external host (ironic, that this is the same method spammers use to by-pass blocks).


The most popular of arguments:

SPEWS doesn't block anyone, they just provide a list.
True, they do not block anyone, their list is utilized for that. Now let's pretend that an adult makes this argument, one may assume that as an adult s/he understands that actions have consequences. The list is published with a specific purpose in mind -- to be utilized as a list of IPs to block from receiving mail servers. Anyone can make a list, but as soon as you make it publicly available and clearly describe what this list includes you need to take the responsibility to make sure that the content is accurate and true. So, yes, while SPEWS themselves do not block anyone, as producers of the list they are responsible for its content.

Administrators have a right to block whoever they want
That they do, my argument isn't with the administrators blocking anyone, my argument is with SPEWS knowingly including IPs that have never produced a byte of spam on a list that is used by many administrators to filter incoming email. It's an unfortunate fact that many admins do not even know that SPEWS does this, that's clearly seen if you scan comments in both our news stories - quite a few people admitted to using SPEWS and being unaware that innocent customers of ISPs are listed, not just spammers. In my honest opinion, any administrator of a large server who refuses email solely on a SPEWS listing is irresponsible and if s/he were my employee they would be looking for a new job.

SPEWS works
I addressed a part of this earlier. It worked in this case, it doesn't work in the other cases, otherwise the list would be much shorter, wouldn't it? If it worked ISPs wouldn't stay listed on it for long (nearly a year for nac).

Using SPEWS means I get less spam
I'm sure you do, I'm sure you would get even less spam if you blacklisted the entire Internet, in fact you would get no spam, but you'd also get no email. If you can live with that, be my guest, but can your customers? (Obviously people running their own servers can do as they please).

There are few to none false positives with SPEWS
That's my favorite. Running a large mail server (that's 40K+ emails a day) means you cannot possibly know what your false positive rate is. Anyone who claims they do is full of it. With a smaller server, it's possible to scan through logs and see what was rejected, but once again, for anyone running a small server none of this applies as their email blocking choices affect only them, not thousands of customers as would be the case with an ISP.

You support a spam-friendly ISP therefore you support spam
I think this one just deserves a thorough and complete eye-roll.

Fact is, there is no evidence that a list like SPEWS is any more effective in stopping spam than a less aggressive list that blacklists only known spammers. I would venture an opinion that any administrator who is responsible for a large mail server and uses SPEWS to deny incoming email is irresponsible and is allowing his/her personal feelings about spammers to get in the way of performing a service to his users.
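
The log review mentioned above for smaller servers, sketched as an added example that is not part of the original post: it tallies blacklist rejections per list and collects the sender domains refused by a list that covers whole netblocks, which are the rejects most worth checking for false positives. The Postfix-style log format, the zone names and all addresses are assumptions constructed for illustration.

```python
import re
from collections import Counter, defaultdict

# Postfix-style smtpd reject line (format assumed; adjust for your MTA).
REJECT_RE = re.compile(
    r"reject: RCPT from \S+\[(?P<ip>[0-9.]+)\]: \d{3} .*?"
    r"blocked using (?P<zone>[\w.-]+); "
    r"from=<(?P<sender>[^>]*)> to=<(?P<rcpt>[^>]*)>"
)

# Constructed sample log; zones, hosts and addresses are placeholders.
SAMPLE_LOG = """\
Jan 25 03:12:01 mx1 postfix/smtpd[2211]: NOQUEUE: reject: RCPT from unknown[192.0.2.10]: 554 Service unavailable; Client host [192.0.2.10] blocked using single-ip.dnsbl.example; from=<offers@bulk.example> to=<alice@isp.example> proto=SMTP
Jan 25 03:14:40 mx1 postfix/smtpd[2215]: NOQUEUE: reject: RCPT from mail.forum.example[198.51.100.7]: 554 Service unavailable; Client host [198.51.100.7] blocked using netblock.dnsbl.example; from=<notify@forum.example> to=<bob@isp.example> proto=ESMTP
Jan 25 03:15:02 mx1 postfix/smtpd[2215]: connect from mail.other.example[203.0.113.5]
Jan 25 03:20:11 mx1 postfix/smtpd[2230]: NOQUEUE: reject: RCPT from mail.forum.example[198.51.100.7]: 554 Service unavailable; Client host [198.51.100.7] blocked using netblock.dnsbl.example; from=<notify@forum.example> to=<carol@isp.example> proto=ESMTP
Jan 25 03:31:59 mx1 postfix/smtpd[2241]: NOQUEUE: reject: RCPT from unknown[198.51.100.99]: 554 Service unavailable; Client host [198.51.100.99] blocked using netblock.dnsbl.example; from=<> to=<bob@isp.example> proto=SMTP
"""

def parse_rejections(lines):
    """Yield (zone, client_ip, sender_domain, recipient) per blacklist reject."""
    for line in lines:
        m = REJECT_RE.search(line)
        if m:
            # A null sender (bounce) has no domain; report it as "<>".
            domain = m["sender"].rpartition("@")[2].lower() or "<>"
            yield m["zone"].lower(), m["ip"], domain, m["rcpt"].lower()

def review_report(lines, netblock_zones):
    """Return per-zone reject counts and, for zones that list whole
    netblocks, the refused sender domains with affected recipients."""
    per_zone = Counter()
    review = defaultdict(Counter)
    for zone, _ip, domain, rcpt in parse_rejections(lines):
        per_zone[zone] += 1
        if zone in netblock_zones:
            review[domain][rcpt] += 1
    return per_zone, {d: dict(c) for d, c in review.items()}

if __name__ == "__main__":
    counts, review = review_report(SAMPLE_LOG.splitlines(),
                                   {"netblock.dnsbl.example"})
    for zone, n in counts.most_common():
        print(f"{n:4d} rejects via {zone}")
    for domain, rcpts in sorted(review.items()):
        print(f"review: {domain} -> {sorted(rcpts)}")
```
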

January 24, 2004

ACM needs a clue

I'm an acm member and have been for years. In reality, I just read the publications and use their email address as I've had it since college.

Some time ago their database of email addresses was compromised, that's bad enough.

Today I received spam sent to one of their announcement mailing lists. That's just sad. Get a clue acm!

January 19, 2004

Don't use a cannon to kill a fly

We all hate spam, me no less than others.. but seriously.. can we do something about this ridiculous method of blacklisting entire IP-blocks whether they belong to a guilty party or not just to get even with an ISP that is presumably hosting spammers?


dslreports.com, a website that openly fights against spam.. blacklisted by spews as part of the entire IP-block.. and of course there is no chance of removal.. just a several hundred word rant... not instructions (although you would think from the link...). Thanks for wasting 15 minutes of my life reading that. I know what spam is and I know why it's bad.. we don't spam.. and moving ISPs is not an option.. so essentially spews is blacklisting us for.. what again?

This isn't solving a problem, spammers will not use a blacklisted host and don't care about the carnage they leave behind as they hop from ISP to ISP.

Recognizing a problem

If one is up at nearly 2am on a Sunday night merrily debugging various server issues that really can wait a few hours (the few hours I need of sleep) I would think that is a big, flashing sign of an issue. With bright colors and blinking lightbulbs around it.

I admit it, I have a problem. If I see an issue I can't walk by it.. I have to roll up my sleeves and dig in (well, not in a physical sense, of course) no matter how useless that may be at the time (face it, if a server is throwing i/o errors one after another it may be a bit late to try and figure out if I have a current backup). It's not that I'm a workaholic, really, I'm not.. I haven't spent all of today working at all... it's just that I can't walk past something like this. Help.

January 14, 2004

Bring on the pitchforks

I have nothing against people believing in their favorite deity or practicing their religion under one, clear, simple condition. Please leave me out of it.

We use the term "bible" to describe our site.. Anyone who ever visited the computer books aisle can probably attest that it's a very commonly used term when referring to "a publication preeminent especially in authoritativeness or wide readership"... In fact that's the definition of "a bible" if anyone cares to look it up. That's not to be confused with what many refer to as "the bible". This is the connection to the main topic of this rant.. which is "religious nuts".

We get a ton of nutty feedback, we get a ton of good feedback and sometimes we even get useful feedback.. but imploring us to "find god" and scaring us with fire and brimstone over the use of the term "bible" is a little out there.. but apparently we're all going straight to hell. Which begs for the question.. why would an almighty, all knowing and all understanding god give a damn (no pun intended) over the use of a term in the English language? If we called ourselves "biblia" (Polish) would we still be going to hell? Is every librarian (biblioteka, again, Polish) going to hell? Interesting.. a connection.. biblia.. biblioteka.. anyone who knows a bit of Latin will recognize this one.. So it's pretty obvious, bible is not a religious term, it's just another Christian appropriation (see major holidays).

As I said above.. I have nothing against Christianity or any other religion (I have a ton of problems with the Roman Catholic church but that's a whole other rant).. but I do have problems with anyone who tries to tell me how to live my life because he feels he's saving my soul. Thanks, but I'd rather burn in hell than spend an eternity among holy nut-cases. Bring on the fire and brimstone it's so cold today that it sounds pretty damn (pun intended) nice.

January 09, 2004

I have icicles on my car

It's cold in the bowels of Connecticut lately, actually, it's very cold. Three degrees right now (that's not Celsius) and wind-chill of a negative value. I don't like cold weather, technically I don't like hot weather either, but I definitely do not like cold weather. In fact it's so cold I'm sitting under a warm blanket with a warm powerbook in my lap, surrounded by warm cats and refuse to stick my nose outside the nicely-heated indoors. Why bother? I can complain about cold inside.

I was talking with Karl earlier and we both concluded that we hate people who live in the warm climates.. Not all of them, just the ones who make sure we know it's warm where they are while we're freezing our asses off on the eastern seaboard. Here, imagine a big, ascii middle finger.

January 07, 2004

The new twist in spam

It is rare that a piece of spam slithers into my inbox through all my ever vigilant filters -- so when it does, I pay attention. These days spammers are no longer greasy 16 year olds with a dsl connection, now they're sophisticated, bright, innovative opponents.. any other types drop off the map so quickly they don't know what filter hit them. It becomes a game.

"How did this one get through"
"Oh, I see, clever boy"

Filters improve, and as a result, spammers improve. A spammer who can get through my filters and infiltrate my inbox is a worthy opponent indeed. Either that or just incredibly lucky.

Today's gem comes with new methodology, not just relying on fooling the filters, this one is meant to fool the recipient. Of course, that point is not new, spammers have done this since the early days of "MAKE MONEY NOW" schemes on usenet.. but typically they try to appeal to the reader..

Subjects like...
"About last night"
"Re: resume"

..and so on.

Anyone can see through those, especially when they attempt to appeal with a personal touch and include the email prefix in the subject..

"You didn't call joe01239clas"

Well, gosh, all my girlfriends call me that, I should read it now! Not. What is the one thing that almost everyone is guaranteed to read?

"You're such an asshole!"

In small print inside "buy viagra" -- all jokes about the subject and enclosed message aside.. that's pretty damn clever.. Who can pass up a message that alludes to causing any sort of wrong doing? Play at that little guilty devil inside all of us.. Well, it only works once, no goal, your ball.

Look ma! No windows!

All these changes in my little corner of office space.. decided to take the plunge and clean my desk as well! Since that's such a rare event, I took a picture. It will last longer.

I give it 2 weeks before the desk is back to being covered in piles of papers and magazines.

January 06, 2004

Gaim talk filters

In the great tradition of google and assorted filtering tools Mark Lindner came up with a filter for gaim.

It's fun to annoy your co-workers with!


To quote Mark:
Sappnin' dere, homey. Why duzn't ya give dese rap filters some damn try? Dey be great.

Happy days

It's the little things in life that make us happy. Today is the last day I have a windows box on my desk at work. At least for a while.

I have the utmost respect for windows programmers, truly, I do.. I just don't make a very good one myself. Having me write windows software is a bit like having a VB programmer who has never used unix write apache modules. In my short, yet ever so annoying foray into the world of Microsoft-based-os programming I experienced Delphi programming and creating installation scripts with Wise (whose scripting language is the weirdest damn thing I've ever learned).

I cheated though.. I wrote my test utilities in perl.

Today, I lovingly deleted all my personal files, cheerfully cleaned out the application list and shut down the machine. It's being taken away tomorrow morning and I'll be left with my ever so much slower and older, but yet reliable, trustworthy and linux equipped pc.

I'm all smiles, it's the little things.

January 02, 2004

Placeholder

New year's resolutions? No.. don't really have any. I never make them since a resolution made on the first day of the year isn't more likely to be kept than one made on any other day of the year.

Regardless.. for this year.

Run a marathon, that's all I have so far.