From: Keith Moore <moore(_at_)cs(_dot_)utk(_dot_)edu>
To: Paul Vixie <vixie(_at_)vix(_dot_)com>
the maps dul is a list of dialups,
not a list of guilty spammers. anyone who subscribes to it knows what they
are getting.
That's both wrong and misleading.
It is misleading because the essentially none of people whose incoming
mail is affected by the DUL, PDL, RBL+, SpamAassassin, Brightmail, Postini,
DCC, and every other even slightly popular spam filter do any "subscribing."
except to their ISP. There are only 10,000s of people who can be said
to "subscribe" to any spam filtering, and they subscribe on behalf of
probably more than 100,000,000 mailboxes. Those 100M users do not
"subscribe" to anything except mysterious services provided by their ISP.
They would not understand the implications of the filtering their ISPs
provide if they were told. The most users are told is a brand name, some
technobabble, and perhaps how to add to personal white- or blacklists.
Paul's statement is wrong in that most of the relatively very few
people who do "subcribe" to Brightmail, Postini, the DUL, PDL, RBL+,
Pyzor, SpamAassassin, and even the DCC do not understand what they're
subscribing to. Perhaps Paul's experience some time ago when he was
involved with MAPS differs from what I've found with the thousands of
installations of the DCC. I try hard to disclose everything to everyone
about the DCC except details of the fuzzy checksums, but much less
than 10% get it or care.
I don't want to insult anyone, but subscribers treat spam filters like
the other black boxes they deal with. They don't care how a filter
works if it has less than 10%-15% false negatives and less than 1%
false positives. They care even less about worse filters. They may
pick up some technobabble, but they use it like they used to talk
about routers ASICs without any real notion of how the differences
among ASICs, full-custom silicon, and commodity MPUs might matter.
I doubt many of the few people who do "subscribe" to the DUL on behalf
of their users understand it. From comments in other forums it is
clear that many do not realize that or why many "dialup" blacklists
including many IP addresses that have nothing to do with modems, unless
you think DSLAMs and DOCSIS involve "dialup modems."
yes, but are they being misled into thinking it's a good idea to block smtp
traffic just because it comes from a dialup line?
How can they by misled into thinking something they don't understand
and that isn't strictly true? I'm not sure about the DUL, but the PDL
says it includes a lot more than the classic definition of "dialup line."
(See http://www.pan-am.ca/pdl/ )
However, the truth in that statement means that a statement by the
IETF would be a good thing, no matter what you think of redirection
proxies, port 25 filtering, and "dialup" DNS blacklists.
From: Paul Vixie <paul(_at_)vix(_dot_)com>
yes, but are they being misled into thinking it's a good idea to block
smtp traffic just because it comes from a dialup line?
to keep that question from fitting the definition of "FUD", i suggest
that you treat it as real (nonrhetorical) and try to find the answer.
"Dialup blacklists" no longer have the utility they once did, but have
a new power. If you understand and believe in dialup blacklists, it's
not because you care about dialup modems. Most spammers don't use
throw-away modem accounts as they once did. Instead they abuse open
proxies on DSL and cable-modem networks. The IP address of those
proxes are often listed in "dialup" blacklists.
However, I see practically no little spam that is not caught by
mechanisms other than "dialup" blacklists.
Vernon Schryver vjs(_at_)rhyolite(_dot_)com
Disclaimer/advertisement: http://www.dcc-servers.net/