On Mon, 12 Jan 2004, Mike S wrote:
At 06:50 PM 1/12/2004, Vernon Schryver wrote...
Instead of paying the extra cost to hire an ISP that cares
enough to not have spamming customers, people complain about the evils
of blacklists.
Feh. Once again with an argument based on incorrect assumptions.
I don't spam. I would preferentially route email direct for two main
reasons:
1) privacy - routing via my ISP's outbound SMTP gives them
the right to intercept and read my email, according the ECPA;
Err, Just the opposite is more freqently the case. Most ISP's usually only
have the right to block spam. Some don't even have that right, if you
don't purchase their spam filter service. The ECPA specifically prohibits
the ISP from exceeding its limited authority. There was recently a very
good ECPA case of a company (not an ISP) that exceeded its authority:
Konop V Hawaiian Airlines.
But privacy is still an issue, because you don't know that the ISP's
admins aren't breaking the law. Reading mail in a mail queue is far
easier than using a sniffer, and much more tempting. Some ISPs are very
lax on administrator discipline, and some very well-known people such as
Steven Bellovin still claim the ECPA doesn't apply to the internet at all.
[FYI, I will be posting the House and Senate reports (scans of copies, but
mostly readable) on the web with a lot of other information about the ECPA
and the Computer Fraud and Abuse Act, including cases and other
information, as well as cases involving blacklists and Anti-Trust. The
ECPA house and senate reports are very illuminating. I'll post a URL if
people are interested.]
2) control - sending from my own system allows me to control retry
attempts and times, instead of being forced to wait 4 days for my ISP
to bounce an undelivered back to me, assuming they don't just silently
lose it.
If your contract allows you to run your own system, then the ISP would not
be allowed to prevent you from doing that. This could be made into an
ECPA issue---some people think it is merely and only a contract
non-performance issue and said contract excludes liability for failure to
perform. Like the Sherman Anti-Trust Act, the ECPA is a criminal statute
with civil actions permitted, and carries its own civil and criminal
penalties.
Of course, if your contract does not allow you to run your own system,
then you don't have a complaint about blacklists blocking it.
Assuming you have permission to operate your system, then there are many
good reasons besides the ones you've listed to do that.
I can't do so because my IP address is on a blacklist. I have cable
modem, but the world thinks I'm a dial-up. For that reason alone,
having nothing whatsoever to do with spam, I'm forced to give up
privacy and control of my communications.
This is what anti-trust law is for. A blacklist is group boycott. If it
significantly harms your business, then it is illegal. The blacklist and
the blacklist subscribers can be (and have been) enjoined from
blacklisting genuine business.
"Anti-spam" initiatives that are based on such blacklists are quite
simply the failed results of irrational, fascist thought. Regardless
of your exact definition of spam, all reasonable ones I've heard have
one thing in common - it's based on CONTENT, not IP address.
Blacklists couldn't care less about content - legitimate email or
spam, out it goes, to the detriment of communications, which is the
Internet's raison d'etre. I take that back, it used to be that way.
Now the Internet is meant to make big corporations lots of money.
Blacklists also, quite clearly, don't work to eliminate spam.
True. But rational argument isn't enough to overcome irrational facist,
thought. For that we have courts and laws.
--Dean