|
The webmaster first discovered the dangers of IP number spam blacklists when he discovered that his server was blacklisted on the Osirusoft database. Before January 2003, this did not matter much, but the massive virus attack in the third week of January 2003 caused panic ISPs such as Mistral Internet installed service features without research or consideration. Some ISPs are so negligent and some webmasters so hopping mad that some blocking lists are compiled just to catch out idiot ISPs. Blars is one of these and Yahoo mail appears to use it. As at Boxing Day 2004 Yahoo and BTOpenworld.com are blocking emails through the webmaster's server and it is listed with Blars who simply blocks whole data-centres at his whim. The file which follows arises from Mistral Internet having blocked all the webmaster's incoming email when Mistral Internet started blocking spam by using DNS Blacklists.
----- The following addresses had permanent fatal errors ----- postmaster@mistral.co.uk reason: 571 Service unavailable; [207.44.140.100] blocked using relays.osirusoft.com.(The Mistral Chief Executive Karl Robinson has tried to tell me that Mistral never used Osirusoft despite his staff emailing me to say that they did, and error messages such as the one above!)
BTOpenworld have not learned from the Mistral or the Osirusoft experience. Osirusoft are now out of business. BTOpenworld deserve the same fate as my client vendee@antibes.co.uk, whose emails to their BTOpenworld.com account have been blocked, can testify. BTOpenworld used to be a good ISP but now rely on Yahoo.com for spam protection services. Yahoo.com provide free services - so you get what you pay for there - but BTOpenworld.com charge for their service. . .
After argument with the ISP, Mistral Internet, they graciously agreed to allow email to flow from antibes.co.uk to mistral.co.uk for the period of just one week.
This started the webmaster's research on what is really going on in the field of Blocking Spam. The weekend following the beginning of the Mistral troubles, the webmaster's clients in Spain started having to open up hotmail accounts in order to send emails to him: emails through their standard Spanish ISP email accounts were being blocked from reception by Mistral. Why? Because the Spanish ISP was on the Osirusoft blacklist. The webmaster's clients had not sent spam . . . and the webmaster affected had done nothing wrong to be penalised by the blockading of communication from his clients. Mistral, being a Microsoft Partner don't appear to understand that systems should be built to be failsafe, that they should not set boob traps like Microsoft and should not lose customer's email.
A few days later, the webmaster found that outgoing email through mistral.co.uk was being blocked because Mistral's 195.184.229.181 server was being blocked by other servers using the ztl.dorkslayers.com and maildeflector blacklists. Why? Because the administrators of blocking servers can't read the instructions "the use of this list to block or tag email is NOT RECOMMENDED." The instructions then go on to say "We may remove your IP address from the list if you ask us nicely. Please allow 4-6 months for the unlisting to take effect. If, after 6 months, the unlisting has not happened, please feel free to repeat your request.". So now, Mistral finds its own blocking of other sites applied upon itself and clients using Mistral Internet are (in the Spring of 2003) dammned to sporadic service for 6 months.
The only way in which Spam emails can be junked is by efficient psycholigical content filtering and by Spammers learning that all their Spam emails are a waste of their own time and resources. Here is part of what the webmaster's spam stopper junked overnight, without reference to DNBL blacklists.
It's so easy for just one person to get an ISP blocked with thousands of email users affected. The risks of this are so great that the method of junk mail elimination is wholly unacceptable. Geoff Harris, a gardener in Menorca headgardener@terra.es did some innocent targeted marketing using an email harvester and sent an email to blockme@relays.osirusoft.com and so now no-one using @terra.es addresses can send an email to anyone receiving email through Mistral, Freeserve, numerous ISPs in the USA! Blocking emails on a DBL basis is absurd and simply dangerous.
So who is Osirusoft? It's a single bloke! Yes - the whole of your email communications, if you allow your ISP to do so, can be censored by a single Geek (pictured here)! A self appointed brother's keeper, who as you'll see below gets things wrong, upon which some ISPs like Mistral .co.uk place total reliance as the sole criterion to arbitrarily block incoming mail to customers. As far as the webmaster is concerned, Mistral introduced their system arbitrarily, without consulting clients nor explaining what they were doing, without giving customers the option whether or not to have selected incoming blocked. Mistral were informed that they were using an unreliable source for their criterion for blocking emails and continue to do so. The webmaster had requested that his email not be filtered, but Mistral refuse to allow what they wrongly diagnose as Spam to reach him. Whilst genuinely eliminating spam is to the customer's advantage, the prevention of genuine communication is interfering with customers email, in this instance between a webmaster and his clients and that that must be unlawful, at the very least on grounds of common nuisance.
Moving ISPs is not an option because of the loss of business goodwill arising from the webmaster's long use of his email address and web pages hosted by the ISP.
ISPs who adopt such an unintelligent, crude and unreliable form of Spam elimination are openly acknowledging a cavalier attitude in knowing that such a system deliberately sets out to harm the business interests of innocent parties. The system "creates intentional loss of email connectivity for anyone who chooses to use it. Sometimes a site that is actively engaged in relaying unwanted spam to internet users may also have users that are not spammers. What actually happens is that the nonspammers share an unpleasant and negative fate with spammers in that case. "
The webmaster soon found why Osirusoft was providing false data.
Osirusoft is run by Joe Jared. On 11th November 2002 Mr Jared posted the following report of an apparent spam email to the Spam Newsgroup http//groups.google.com/groups?hl=en&lr=&ie=UTF-8&threadm=3DC8F520.75C719F6%40osirusoft.com&rnum=1&prev=/groups%3Fhl%3Den%26lr%3D%26ie%3DISO-8859-1%26q%3D207.44.140.100%26btnG%3DGoogle%2BSearch%26meta%3Dgroup%253Dnews.admin.net-abuse.email From: Joe Jared (joejared@osirusoft.com)
Subject: Interesting x-headers [Fwd: Want to update your website? Looking for a new website? Need professional web design without the cost?] Newsgroups: news.admin.net-abuse.email Date: 2002-11-06 02:55:43 PST Naturally, it was in fact, spam.
Mr Jared posted the whole email from which he deduced incorrectly that this server 207.44.140.100 was the source of spam, and blacklisted it wrongly.
In order to assist in blocking spam, there is a spam trap at the bottom of many pages. . . as there is on this one - which is picked up by spambots looking for addresses to send junk to. Formerly it was bf@antibes.co.uk, which would have been undetectable as a spam trap and on the January Google cache it is still there . . .
This shows how easily Osirusoft is flawed as Joe Jared should have seen from the header of the email which he quoted that the system was set up deliberately to forward spam to his blockme@relays.osirusoft.com address. In order to get through the SpamAssassin filters, the bf@antibes.co.uk had to be in the whitelist_to section and there, staring him in the face in the text that he quoted was that obvious clue to any professional in the business.
In identifying sources of spam, it's essential to be able to interpret the email headers that come through on all emails . . .
Here's the analysis of the text that Joe Jared posted:
Return-Path kenny@tascmanagement.co.uk
Received from relays.osirusoft.com (IDENTc7eBkw+f7oIZwJWu3ZkRqPj0H9ljX3HP@relays.osirusoft.com [216.102.236.44])by ns.osirusoft.com (8.11.6/linuxconf) with ESMTP id gA6Andj01171for; Wed, 6 Nov 2002 024946 -0800
Received from antibes.co.uk ([207.44.140.100])by relays.osirusoft.com (8.11.6/linuxconf) with ESMTP id gA6AoOj21392for; Wed, 6 Nov 2002 025027 -0800
Received from srv01.info-world.com (root@localhost)by antibes.co.uk (8.11.6/8.11.6) with ESMTP id gA6AnDJ03622for; Wed, 6 Nov 2002 104913 GMT
X-ClientAddr 80.189.23.78
Received from yourwebsite.com (gr.189.23.78.dial.global.net.uk [80.189.23.78])by srv01.info-world.com (8.11.6/8.11.6) with SMTP id
X-MailScanner-SpamCheck not spam, SpamAssassin (score=-90.5, required 8,MSG_ID_ADDED_BY_MTA_3, NO_REAL_NAME, RCVD_FAKE_HELO_DOTCOM,RISK_FREE, SPAM_PHRASE_03_05, SUPERLONG_LINE, USER_IN_ALL_SPAM_TO,USER_IN_WHITELIST_TO)
Here was the clue . . . a SpamAssassin system is clearly operating on an intermediate system and the address to which the Spam was orignally sent had to have a Whitelist clearance to receive emails - otherwise the spam intended for blockme@relays.osirusoft.com would have been blocked on its way through the bf@antibes.co.uk spam trap!
Anyone who knows SpamAssassin would know that we are operating an especially modified setup as the normal required level for spam rejection is 5 and not 8 as set here . . .
So with professionals such as Osirusoft's Joe Jared in charge, unable to dissect an email header, it's not surprising that Osirusoft provides faulty blacklists. Any system based exclusively upon an Osirusoft listing will produce false positives leading to lost emails, frustration and damage to businesses relying on ISPs who rely upon Osirusoft.
Based on http://www.relays.osirusoft.com/, as at 1st February 2003, Mistral and other ISPs are providing an incompetant service - they have been informed of Osirusoft's faulty blacklists and therefore total rejection of emails from those IP addresses on the lists amounts to a negligent use of the system. Proper Spam Blocking requires much more care in operation if significant inconvenience and loss of client business is to be avoided.
Here's the original Spam that was sent by spammer kenny@tascmanagement.co.uk at IP 80.189.23.78, if Joe Jared gets it right, no user of dial.global.net.uk will be able to send an email to anyone at mistral.co.uk. Thousands of innocent internet users are being affected and inconvenienced more by incompetant spam blockers than the spammers themselves.
-------- Original Message -------- Return-Path:Subject: Want to update your website? Looking for a new website? Need professional web design without the cost? Sender: kenny@tascmanagement.co.uk Mime-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Date: Wed, 6 Nov 2002 11:00:04 -0000 X-MailScanner: Found to be clean X-MailScanner-SpamCheck: not spam, SpamAssassin (score=-90.5, required 8,MSG_ID_ADDED_BY_MTA_3, NO_REAL_NAME, RCVD_FAKE_HELO_DOTCOM,RISK_FREE, SPAM_PHRASE_03_05, SUPERLONG_LINE, USER_IN_ALL_SPAM_TO,USER_IN_WHITELIST_TO) Status: X-Mozilla-Status: 8001 X-Mozilla-Status2: 00000000 X-UIDL: 3dc8f3eb00000001If the above is true you may have already been in touch with web designers who have quoted silly money, or you may have tried to do it yourself but you just don't have the knowledge required to do a job that matches the professionalism you want to promote. TASC can take on the work, with NO up front charges and NOTHING to pay unless you are completely satisfied - so NO RISK to you! Even better, our fees average at around HALF of what you will have been quoted elsewhere! So...why so cheap? Well, two reasons: firstly, we are good at what we do - we are programmers as well as designers, so everything is done quickly, taking less of our time, reducing your costs; secondly we base our income on volume - we do lots of work for less money, rather than little work for large amounts. This keeps us fresh and allows us to spread the word to lots of businesses - a tactic that we are sure will reap huge rewards into the future. Best of all....when we design your website, we will provide you with our own web maintenance software that will allow you to add or amend the content of your site, allowing you to keep the site fresh and updated into the future, without having to rely on any company (with large fees) to update it. If you're interested in getting the best out of your site, increase the flow of traffic and visitor returns, then you should get in touch. You can contact us on: t. 01294 212432 e. info@tascmanagement.co.uk m. TASC Management, 7 Kirkstyle Court, Irvine KA11 1RR . . . and that was the Spammer, elimination of whose emails will be welcomed by the thousands that he and others have sent them to. If you are an ISP wanting effective spam blocking, click here for the use of a constantly updated and modified SpamAssassin system which provides better spam email discrimination than any unmodified factor rankings.Received: from relays.osirusoft.com (IDENT:c7eBkw+f7oIZwJWu3ZkRqPj0H9ljX3HP@relays.osirusoft.com [216.102.236.44])by ns.osirusoft.com (8.11.6/linuxconf) with ESMTP id gA6Andj01171for ; Wed, 6 Nov 2002 02:49:46 -0800 Received: from antibes.co.uk ([207.44.140.100])by relays.osirusoft.com (8.11.6/linuxconf) with ESMTP id gA6AoOj21392for ; Wed, 6 Nov 2002 02:50:27 -0800 Received: from srv01.info-world.com (root@localhost)by antibes.co.uk (8.11.6/8.11.6) with ESMTP id gA6AnDJ03622for ; Wed, 6 Nov 2002 10:49:13 GMT X-ClientAddr: 80.189.23.78 Received: from yourwebsite.com (gr.189.23.78.dial.global.net.uk [80.189.23.78])by srv01.info-world.com (8.11.6/8.11.6) with SMTP id gA6An6t03570for ; Wed, 6 Nov 2002 10:49:08 GMT Message-Id: <200211061049.gA6An6t03570@srv01.info-world.com> Reply-To: kenny@tascmanagement.co.uk From: kenny@tascmanagement.co.uk To: bf@antibes.co.uk
I'm sure that Joe Jared does not intend his blacklist to be used as the only uncorroborated source upon which ISPs can make decisions. Mistakes often occur. But http://www.dotcomeon.com/ comments: "We don't complain about email filtering in principle, and believe each ISP should be free to set their own in-house email policy. We strongly warn the public that the creation of a central blackhole list controlled by some self-appointed big brother entity is vulnerable to abuse of monopoly power over world-wide electronic communications." Their site is well worth a read - who's in control of the Internet? Not just mistake-making Joe Jared . . . but appearing rather sinister Paul Vixie.
If people are lazy, and do not do the real work necessary to avoid the inconvenience of Spam, the relinquishing of the task to one or two mistake prone or corrupt individuals leads us down the road whether in government or the internet where "we are steadily becoming blind to the injustices perpetrated by our government in the name of freedom"
Website marketing & hosting, Webmaster Services and anti-Spam email protection. We provide hosting for the Science Race
If you have a property to sell or let for holidays in UK, Spain, Balearics
Islands, France, Greece or Italy mailto:david@antibes.co.uk?Subject=Marketing_my_property-ZIP
ATTACHMENTS ARE BLOCKED. He closely monitors Web
Statistics and therefore can guarantee you success
Please DO NOT SEND .zip ATTACHMENTS: they are blocked through the server.
If you are buying a property and moving, plastic boxes can be helpful!