advertisement

Print

Shining Light Into the Realtime Blackhole List
Pages: 1, 2

Jed Lewison, who is director of eCommerce Product Marketing for Real Networks, also agrees that the closed-loop definition is too restrictive a definition. Real has been on the RBL for some time because it sends out monthly e-mails to more than 100 million of its customers. "Closed loop confirmations isn't really the industry standard," he says.



So according to the materials at mail-abuse.org, I should be considered a spammer and cease my noxious processes. But when I spoke to Thompson directly, she assured me the likelihood of any of my subscribers complaining would be low. So even though I don't actually confirm everyone that I add to my list by sending him or her an inquiring e-mail that they have to confirm and return to me, I am probably in the clear.

Second, RBL has an imperfect appeals process. Real's Lewison says, "We send out millions of e-mails a month. If one person complains, we get listed." Once you are listed, you can't easily be completely removed.

The O'Reilly Network was placed on the list when recipients complained about getting spam, largely because the e-mail wasn't properly identified, as Dougherty admits. "We did not do a good job of identifying the connection between the O'Reilly Network and perl.com," he said. "And so several people complained to mail-abuse.org." Then they were taken off the list (after some gnashing of electronic teeth and various e-mails and phone calls) and placed on "probation." What does this mean? It is a sort of spammer purgatory -- while their traffic isn't blocked and they aren't part of the RBL itself, it means that until they change their practice, they are under the microscope to behave themselves. And that includes using the closed loop confirmations above, which O'Reilly has stated they won't do. Thompson indicated that someone could stay in purgatory forever. However, there is no way to know you have THAT particular status, since unlike the RBL it isn't publicly available.

Third, there is an issue of how the RBL folks notify the abuser. "Even though the newsletter had several real e-mail addresses in it, no one at MAPS chose to contact us at those addresses," said Dougherty. Given who they are and how they do business, RBL would prefer to send e-mail to the postmaster and abuse accounts at the ISP who handles the ultimate spammer. As Thompson says, "I know the postmaster@earthlink account is read regularly and very responsive. I don't know if the postmaster account at every Earthlink-maintained domain customer is read regularly." Good point. What about including both the ISP and the spammer in the initial warning message? She didn't have a good answer to that, something that could easily be done and result in more timely corrections of problems.

Finally, most people don't understand that there are two different blocking actions, as mentioned earlier: the mail server and all IP traffic. Sometimes the folks at RBL will add to their list just the mail server, and sometimes all servers, of an abuser. Thompson told me that reasons varied for the different actions, depending on many different factors.

Some e-mail list owners say that these policies aren't uniformly applied. One has said, "Only people who aren't famous or who don't control large or popular sections of the Internet are put on RBL." When someone from O'Reilly also questioned this practice, "RBL indicated that they did not do this consistently. They would not block traffic to a high-profile site." This seems to me unfair to say the least.

Paul Hoffman, who runs the Internet Mail Consortium and has spent a great deal of time dealing with spam policy issues, says, "It is good to have someone in the world like the MAPS RBL even though I don't agree with all of their policies. For example, should a co-located customer be allowed to decide whether to use the RBL or not? In most cases, they can't decide -- once their hosting provider subscribes to it, they have to deal with the consequences. That means if I disagree with the sites listed on the RBL, I have to switch providers. I think the RBL should only apply to edge routers."

In the meantime, I welcome your e-mails and thoughts. Just as long as they aren't spam.

David Strom founded CMP's Network Computing magazine in 1990 and was its first editor-in-chief. He's now the president of David Strom, Inc.

Related Content

Sound Out on the RBL

Securing Your Home Network With the Edge Firewall

Cell Phone Viruses: The New Frontier


Discuss this article in the O'Reilly Network Forum.

Return to the O'Reilly Network Hub.