TRBL Support wrote:
As a counterpoint, I run a public DNSBL and I agree with the choice of
wording used in the BCP draft. Watching the history of blacklists over
the years, few things have caused more angst and accusations than
requiring a delisting fee. Even SORBS has stopped requiring such a
fee.
I never heard of the TRBLSPAM so it is very like to be not widely known. As
a consequence there will not be many users and not many removal requests.
If we at UCEPROTECT would have to handle up to 50 removal request per day,
then we could offer that free of charge, of course.
Unfortunateley we would have to handle between 40000 to 50000 requests per
day, if we would offer immediate removals free of charge.
In UCEPROTECT's early days (August 2001) the project was run on a sub domain
of admins.ws and the blocklists had public "remove me" Buttons, where
listees could remove them self.
As Spammers were beginning to abuse that with automated scripts we did
secure it with a captcha. Then Spammers did hire persons in India and China
to remove their listings manually.
That was the point where UCEPROTECT has chosen to no longer allow "self
removals" and then everyone was required to contact us to get removed before
expiration.
Anyone that has ever run a heavily used public blocklist, has a clue what
this means:
In 2003 we had to read 40000 to 50000 removal request per day, and all these
guys are claiming to be completely innocent, and they all are claiming that
they would have fixed their problems.
Not necessary to say that 90% of them did find their way back into the list
within minutes, because they had indeed NOT fixed their problems.
Some month later we moved the project to its own domain and got rid of
removing all those losers every day just to see their system continue
spamming 5 minutes later again.
There were more removal-requests than we could handle ourselves in time and
we have high standards: Every request for a manual removal has to be done
within 90 minutes.
We tried to find trustworthy people that would do the manual delistings free
of charge on a 24/7 basis, but no one wanted to have this job without being
paid.
So we had chosen that the only way to get out would be automatic expiration
after 7 days.
We had only 165 trapservers out there that time and that means you have
better chances to win the jackpot in your local lottery than to hit a
spamtrap here, unless you are sending tons of spams.
It happens very often that Spammers send 30.000.000 spammails and we see
just 1 of them. It is impossible for us to know whether or not a formerly
spam spewing system has been cleaned up or not.
Not getting reports for 1 or 2 days says nothing about the listed system. It
could still spew spam but just miss our traps.
Not getting reports for 7 days is of course not a proof, but at least an
indicator that the problem might have been fixed.
You know what happened next, do you?
Some listees claimed that it would cost them lots of money to be listed for
a week, but they would have fixed their problem and they are so sure that
their problem is now fixed that THEY WOULD EVEN PAY FOR IT TO GET OUT
IMMEDIATLEY.
So expedited express delisting was not our invention - It was implemented
because listees were begging us to create that option.
Logic says: One would not waste money if he would not have fixed the
problems.
That is the reason why expedited express delistings exist at
UCEPROTECT-Networks.
It was necessary to contract external persons to run the hotline and the
express delistings, which wouldn't have needed on automatic expirations only
Logically these people (mostly students) do not work for free, and neither
we nor our users have any intention to pay for the faults of our listees.
We also think we have found a good balance between what is acceptable for
someone who has really fixed his problems and needs his email back and also
expensive enough that Spammers would not pay for.
And as told before another important fact is: Most of those who paid have
really fixed their problems and learned an unforgettable lesson:
NEVER GO ONLINE AGAIN WITH AN INSECURE SYSTEM.
Our users fully agree to that policy because we did never try to make a
secret out of it.
I know it is hard to believe for all those that do not agree with our
policy:
Many of our users have chosen to use ourlist *BECAUSE* we are running an
hard and unforgiving course against the owners of spamming systems, no
matter they are spamming intentionally or because they got hacked.
Since also no one here from this group offered to do the 24/7 Job removing
the losers free of charge for us, nothing will change at UCEPROTECT-Network
for the moment.
Regards
Claus von Wolfhausen
Technical Director
UCEPROTECT-Network
http://www.uceprotect.net
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg