The Boston Diaries

The ongoing saga of a programmer who doesn't live in Boston, nor does he even like Boston, but yet named his weblog/journal “The Boston Diaries.”

Go figure.

Monday, June 23, 2003

Collateral damage in the Spam Wars

From: XXXXXXXXXXXXX (Mail Delivery System)
To: sean@conman.org
Subject: Undelivered Mail Returned to Sender
Date: Mon, 23 Jun 2003 16:20:35 -0500 (EST)

This is the Postfix program at host swift.conman.org.

I'm sorry to have to inform you that the message returned below could not be delivered to one or more destinations.

For further assistance, please send mail to <postmaster>

If you do so, please include this problem report. You can delete your own text from the message returned below.

The Postfix program

<XXXXXXXXXXXXXXXXXXXX>: host XXXXXXXXXX[XXXXXXXXXXXX] said: 554 Service unavailable; Client host [216.82.96.10] blocked using relays.osirusoft.com; [1] Edirect, see http://spews.org/ask.cgi?S483 (in reply to RCPT TO command)

Lovely … just gotta love that vigilante justice.

All the trouble to have as smooth a transition as possible, and the IP address we get is stuck in the SPEWS database. I've never even heard of SPEWS until today.

Sigh.

So I start poking around on the site:

Q41: How does one contact SPEWS?

A41: One does not. SPEWS does not receive email—it's just an automated system and website, general blocklist related issues can be discussed in the public forums mentioned above. The newsgroup news.admin.net-abuse.email (NANAE) is a good choice, and Google makes it quite easy to post messages there via the Web as M@ilGate does via email. First time newsgroup posters should read the NANAE FAQ. Note that posting messages in these newsgroups & lists will not have any effect on SPEWS listings, only the discontinuation of spam and/or spam support will. Be aware that posting ones email address to any publicly viewable forum or website makes it instantly available to spammers. If you're concerned about getting spammed, change or “mung” the email address you use to post with.

Q42: My IP address/range is being listed by SPEWS but I'm not a spammer and I just signed up for this/these address(s). What can I do to be removed from the list?

A42: SPEWS is just an automated system, if spam or spam involvement (hosting spammers, selling spamware) from your IP address/range ceases, it will drop out of the list in time. Normally the listing involves spam related problems with your host and the first step you need to take is to complain to them about the listing, in almost all cases, they are the only people who can get an address/range out of the SPEWS list. If there is a spam related problem with your host, their IP address/range will not be removed until it is resolved. If your host or network is certain a listing mistake has been made, ask them to read this FAQ then post a message in a public forum mentioned above with the SPEWS record number (eg. S123) and/or the IP address/range information in it. Placing the text “SPEWS:” in the subject can help a SPEWS editor or developer see the message and they may double check the listing—note that, although others may, no SPEWS editor or developer will ever reply to the posting. Will this get your IP address/range removed from a SPEWS listing? Again, not if there are currently spam related problems with your host.

Spews FAQ [emphasis added]

Even lovelier …

They don't make it easy to get removed from their listing; they just list entire network blocks until they feel the provider that is effected has jumped through enough hoops to get de-listed.

Granted, this is just a list that the maintainers, in their opinion, think are spammers or are friendly to spammers and sysadmins are free to reference this list or not. But like credit reporting agencies, it's hard to make corrections, especially one like SPEWS.

It's one thing to set this up for your private use, where the risks of not communicating with someone is known, but to use such a list system wide where the users aren't aware of its use is something else entirely, and one I don't like. Which is why I don't enable such lists on my server; I don't want to set such a censorus policy on my users.

This problem came up because a server that runs a mailing list I'm on uses such a system, which I (and probably most other users of that mailing list) were unaware of. And I have to wonder how many potential people can't subscribe because of SPEWS.

So now it's the dance of IP renumbering. Good thing I kept the TTL on the DNS to an hour until I was certain everything was fine.

Obligatory Picture

[The future's so bright, I gotta wear shades]

Obligatory Contact Info

Obligatory Feeds

Obligatory Links

Obligatory Miscellaneous

You have my permission to link freely to any entry here. Go ahead, I won't bite. I promise.

The dates are the permanent links to that day's entries (or entry, if there is only one entry). The titles are the permanent links to that entry only. The format for the links are simple: Start with the base link for this site: https://boston.conman.org/, then add the date you are interested in, say 2000/08/01, so that would make the final URL:

https://boston.conman.org/2000/08/01

You can also specify the entire month by leaving off the day portion. You can even select an arbitrary portion of time.

You may also note subtle shading of the links and that's intentional: the “closer” the link is (relative to the page) the “brighter” it appears. It's an experiment in using color shading to denote the distance a link is from here. If you don't notice it, don't worry; it's not all that important.

It is assumed that every brand name, slogan, corporate name, symbol, design element, et cetera mentioned in these pages is a protected and/or trademarked entity, the sole property of its owner(s), and acknowledgement of this status is implied.

Copyright © 1999-2024 by Sean Conner. All Rights Reserved.