Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Internet Vigilante Justice, SPAM, and Copyrights

CmdrTaco posted about 12 years ago | from the stuff-to-think-about dept.

News 316

pdw writes "An interesting article about how vigilante justice on the Internet by anti-spam advocates can be just as threatening to the Internet as those proposed for copyright advocates."

cancel ×

316 comments

Sorry! There are no comments related to the filter you selected.

butt post (-1, Offtopic)

Anonymous Coward | about 12 years ago | (#4236991)

#asciipr0n
rock on chicago, rock over london

Re:butt post (-1, Troll)

Anonymous Coward | about 12 years ago | (#4237034)

This beast comes out when it is 25 degrees below zero
It can rip your head off
It can fly as high as a bird
It can bite your face

The Chicken Cow
The Chicken Cow
The Chicken Cow
The Chicken Cow

This beast killed as many as 100,000 people
Its wings can flap like a bird
It can break a glass
It can also stab you in the ass

The Chicken Cow
The Chicken Cow
The Chicken Cow
The Chicken Cow

This beast attacked my brother
It stabbed him in the ass while he was in the cold
His hands were frostbitten
His hands were also numb

The Chicken Cow
The Chicken Cow
The Chicken Cow
The Chicken Cow

Blockbuster Video, wow, what a difference!

GET SOME PRIORITIES !!! (-1, Flamebait)

Anonymous Coward | about 12 years ago | (#4237073)

The worst terrorist attack in recorded history occurred just a year ago, followed by a Holy War against Islam, and now Israel and the Palestinians as well as India and Pakistan are teetering on the brink of their own war, Argentina is in the midst of a financial crisis, America is considering launching attacks against Somalia and Iraq, and you people have the gall to be discussing the September 11 attacks???? My *god*, people, GET SOME PRIORITIES!

The bodies of the thousands of innocent civilians who died (and will die) in these unprecedented events could give a good god damn about the September 11 attacks, your childish Lego models, your nerf toy guns and whining about the lack of a "fun" workplace, your Everquest/Diablo/D&D fixation, the latest Cowboy Bebop rerun, or any of the other ways you are "getting on with your life" (here's a hint: watching Cowboy Bebop in your jammies and eating a bowl of Shreddies is *not* "getting on with your life"). The souls of the victims are watching in horror as you people squander your finite, precious time on this earth playing video games!

You people disgust me!

couldnt you at least wait till 1130? (-1, Offtopic)

Lawrence_Bird (67278) | about 12 years ago | (#4237029)

have some respect dude

First page lenthening post! (-1, Troll)

Anonymous Coward | about 12 years ago | (#4237033)

Say hello to page lengthening courtesy of our friend Klerck!

I

like

wide

pages

I

wish

all

pages

could

be

as

wide

as

this

dont

you

wide

pages

are

much

cooler

than

those

narrow

pages

you

are

used

to

reading

because

you

dont

have

to

worry

about

the

lameness

filter

telling

you

that

you

don't

have

enough

charaters

per

line

that

really

sucks

when

that

happen s

and

you

have

to

put

some

lame

lameness

filter

defeater

text

in

there

i

wonder

how

many

people

will

read

this

whole

comment

I

certainly

hope

it

doesnt

annoy

too

many

p eople

This

is

just

the

beginning

because

PA GE

WIDENING

IS

BACK

I

like

wide

pages

I

w ish

all

pages

could

be

as

wide

as

this

do nt

you

wide

pages

are

much

cooler

than

tho se

narrow

pages

you

are

used

to

reading

be cause

you

dont

have

to

worry

about

the

lam eness

filter

telling

you

that

you

don't

hav e

enough

charaters

per

line

that

really

suc ks

when

that

happens

and

you

have

to

put

some

lame

lameness

filter

defeater

text

in

there

i

wonder

how

many

people

will

read

t his

whole

comment

I

certainly

hope

it

doesn t

annoy

too

many

people

This

is

just

the

beginning

because

PAGE

WIDENING

IS

BACK

I

l ike

wide

pages

I

wish

all

pages

could

be

as

wide

as

this

dont

you

wide

pages

are

m uch

cooler

than

those

narrow

pages

you

are

used

to

reading

because

you

dont

have

to

worry

about

the

lameness

filter

telling

you

that

you

don't

have

enough

charaters

per

l ine

that

really

sucks

when

that

happens

and

you

have

to

put

some

lame

lameness

filter

defeater

text

in

there

i

wonder

how

many

people

will

read

this

whole

comment

I

cert ainly

hope

it

doesnt

annoy

too

many

people

This

is

just

the

beginning

because

PAGE

WI DENING

IS

BACK

I

like

wide

pages

I

wish

all

pages

could

be

as

wide

as

this

dont

you

wide

pages

ar e

much

cooler

than

those

narrow

pages

you

are

used

to

reading

because

you

dont

have

to

worry

about

the

lameness

filter

telling

you

that

you

don't

have

enough

charaters

pe r

line

that

really

sucks

when

that

happens

and

you

have

to

put

some

lame

lameness

fi lter

defeater

text

in

there

i

wonder

how

m any

people

will

read

this

whole

comment

I

certainly

hope

it

doesnt

annoy

too

many

peo ple

This

is

just

the

beginning

because

PAGE

WIDENING

IS

BACK

I

like

wide

pages

I

wis h

all

pages

could

be

as

wide

as

this

dont

you

wide

pages

are

much

cooler

than

those

narrow

pages

you

are

used

to

reading

beca use

you

dont

have

to

worry

about

the

lamen ess

filter

telling

you

that

you

don't

have

enough

charaters

per

line

that

really

sucks

when

that

happens

and

you

have

to

put

so me

lame

lameness

filter

defeater

text

in

th ere

i

wonder

how

many

people

will

read

thi s

whole

comment

I

certainly

hope

it

doesnt

annoy

too

many

people

This

is

just

the

be ginning

because

PAGE

WIDENING

IS

BACK

I

lik e

wide

pages

I

wish

all

pages

could

be

as

wide

as

this

dont

you

wide

pages

are

muc h

cooler

than

those

narrow

pages

you

are

u sed

to

reading

because

you

dont

have

to

wo rry

about

the

lameness

filter

telling

you

t hat

you

don't

have

enough

charaters

per

lin e

that

really

sucks

when

that

happens

and

you

have

to

put

some

lame

lameness

filter

defeater

text

in

there

i

wonder

how

many

p eople

will

read

this

whole

comment

I

certai nly

hope

it

doesnt

annoy

too

many

people

T his

is

just

the

beginning

because

PAGE

WIDE NING

IS

BACK

I

like

wide

pages

I

wish

all

pages

could

be

as

wide

as

this

dont

you

wide

pages

ar e

much

cooler

than

those

narrow

pages

you

are

used

to

reading

because

you

dont

have

to

worry

about

the

lameness

filter

telling

you

that

you

don't

have

enough

charaters

pe r

line

that

really

sucks

when

that

happens

and

you

have

to

put

some

lame

lameness

fi lter

defeater

text

in

there

i

wonder

how

m any

people

will

read

this

whole

comment

I

certainly

hope

it

doesnt

annoy

too

many

peo ple

This

is

just

the

beginning

because

PAGE

WIDENING

IS

BACK

I

like

wide

pages

I

wis h

all

pages

could

be

as

wide

as

this

dont

you

wide

pages

are

much

cooler

than

those

narrow

pages

you

are

used

to

reading

beca use

you

dont

have

to

worry

about

the

lamen ess

filter

telling

you

that

you

don't

have

enough

charaters

per

line

that

really

sucks

when

that

happens

and

you

have

to

put

so me

lame

lameness

filter

defeater

text

in

th ere

i

wonder

how

many

people

will

read

thi s

whole

comment

I

certainly

hope

it

doesnt

annoy

too

many

people

This

is

just

the

be ginning

because

PAGE

WIDENING

IS

BACK

I

lik e

wide

pages

I

wish

all

pages

could

be

as

wide

as

this

dont

you

wide

pages

are

muc h

cooler

than

those

narrow

pages

you

are

u sed

to

reading

because

you

dont

have

to

wo rry

about

the

lameness

filter

telling

you

t hat

you

don't

have

enough

charaters

per

lin e

that

really

sucks

when

that

happens

and

you

have

to

put

some

lame

lameness

filter

defeater

text

in

there

i

wonder

how

many

p eople

will

read

this

whole

comment

I

certai nly

hope

it

doesnt

annoy

too

many

people

T his

is

just

the

beginning

because

PAGE

WIDE NING

IS

BACK

I

like

wide

pages

I

wish

all

pages

could

be

as

wide

as

this

dont

you

wide

pages

are

much

cooler

than

those

narr ow

pages

you

are

used

to

reading

because

y ou

dont

have

to

worry

about

the

lameness

f ilter

telling

you

that

you

don't

have

enoug h

charaters

per

line

that

really

sucks

when

that

happens

and

you

have

to

put

some

la me

lameness

filter

defeater

text

in

there

i

wonder

how

many

people

will

read

this

who le

comment

I

certainly

hope

it

doesnt

annoy

too

many

people

This

is

just

the

beginnin g

because

PAGE

WIDENING

IS

BACK

I

like

wid e

pages

I

wish

all

pages

could

be

as

wide

as

this

dont

you

wide

pages

are

much

coo ler

than

those

narrow

pages

you

are

used

t o

reading

because

you

dont

have

to

worry

a bout

the

lameness

filter

telling

you

that

y ou

don't

have

enough

charaters

per

line

tha t

really

sucks

when

that

happens

and

you

h ave

to

put

some

lame

lameness

filter

defeat er

text

in

there

i

wonder

how

many

people

will

read

this

whole

comment

I

certainly

h ope

it

doesnt

annoy

too

many

people

This

i s

just

the

beginning

because

PAGE

WIDENING

IS

BACK

I

like

wide

pages

I

wish

all

page s

could

be

as

wide

as

this

dont

you

wide

pages

are

much

cooler

than

those

narrow

pa ges

you

are

used

to

reading

because

you

do nt

have

to

worry

about

the

lameness

filter

telling

you

that

you

don't

have

enough

cha raters

per

line

that

really

sucks

when

that

happens

and

you

have

to

put

some

lame

la meness

filter

defeater

text

in

there

i

wond er

how

many

people

will

read

this

whole

co mment

I

certainly

hope

it

doesnt

annoy

too

many

people

This

is

just

the

beginning

bec ause

PAGE

WIDENING

IS

BACK

I

like

wide

pages

I

wish

all

pages

could

be

as

wide

as

this

dont

you

wide

pages

ar e

much

cooler

than

those

narrow

pages

you

are

used

to

reading

because

you

dont

have

to

worry

about

the

lameness

filter

telling

you

that

you

don't

have

enough

charaters

pe r

line

that

really

sucks

when

that

happens

and

you

have

to

put

some

lame

lameness

fi lter

defeater

text

in

there

i

wonder

how

m any

people

will

read

this

whole

comment

I

certainly

hope

it

doesnt

annoy

too

many

peo ple

This

is

just

the

beginning

because

PAGE

WIDENING

IS

BACK

I

like

wide

pages

I

wis h

all

pages

could

be

as

wide

as

this

dont

you

wide

pages

are

much

cooler

than

those

narrow

pages

you

are

used

to

reading

beca use

you

dont

have

to

worry

about

the

lamen ess

filter

telling

you

that

you

don't

have

enough

charaters

per

line

that

really

sucks

when

that

happens

and

you

have

to

put

so me

lame

lameness

filter

defeater

text

in

th ere

i

wonder

how

many

people

will

read

thi s

whole

comment

I

certainly

hope

it

doesnt

annoy

too

many

people

This

is

just

the

be ginning

because

PAGE

WIDENING

IS

BACK

I

lik e

wide

pages

I

wish

all

pages

could

be

as

wide

as

this

dont

you

wide

pages

are

muc h

cooler

than

those

narrow

pages

you

are

u sed

to

reading

because

you

dont

have

to

wo rry

about

the

lameness

filter

telling

you

t hat

you

don't

have

enough

charaters

per

lin e

that

really

sucks

when

that

happens

and

you

have

to

put

some

lame

lameness

filter

defeater

text

in

there

i

wonder

how

many

p eople

will

read

this

whole

comment

I

certai nly

hope

it

doesnt

annoy

too

many

people

T his

is

just

the

beginning

because

PAGE

WIDE NING

IS

BACK

I

like

wide

pages

I

wish

all

pages

could

be

as

wide

as

this

dont

you

wide

pages

ar e

much

cooler

than

those

narrow

pages

you

are

used

to

reading

because

you

dont

have

to

worry

about

the

lameness

filter

telling

you

that

you

don't

have

enough

charaters

pe r

line

that

really

sucks

when

that

happens

and

you

have

to

put

some

lame

lameness

fi lter

defeater

text

in

there

i

wonder

how

m any

people

will

read

this

whole

comment

I

certainly

hope

it

doesnt

annoy

too

many

peo ple

This

is

just

the

beginning

because

PAGE

WIDENING

IS

BACK

I

like

wide

pages

I

wis h

all

pages

could

be

as

wide

as

this

dont

you

wide

pages

are

much

cooler

than

those

narrow

pages

you

are

used

to

reading

beca use

you

dont

have

to

worry

about

the

lamen ess

filter

telling

you

that

you

don't

have

enough

charaters

per

line

that

really

sucks

when

that

happens

and

you

have

to

put

so me

lame

lameness

filter

defeater

text

in

th ere

i

wonder

how

many

people

will

read

thi s

whole

comment

I

certainly

hope

it

doesnt

annoy

too

many

people

This

is

just

the

be ginning

because

PAGE

WIDENING

IS

BACK

I

lik e

wide

pages

I

wish

all

pages

could

be

as

wide

as

this

dont

you

wide

pages

are

muc h

cooler

than

those

narrow

pages

you

are

u sed

to

reading

because

you

dont

have

to

wo rry

about

the

lameness

filter

telling

you

t hat

you

don't

have

enough

charaters

per

lin e

that

really

sucks

when

that

happens

and

you

have

to

put

some

lame

lameness

filter

defeater

text

in

there

i

wonder

how

many

p eople

will

read

this

whole

comment

I

certai nly

hope

it

doesnt

annoy

too

many

people

T his

is

just

the

beginning

because

PAGE

WIDE NING

IS

BACK

I

like

wide

pages

I

wish

all

pages

could

be

as

wide

as

this

dont

you

wide

pages

are

much

cooler

than

those

narr ow

pages

you

are

used

to

reading

because

y ou

dont

have

to

worry

about

the

lameness

f ilter

telling

you

that

you

don't

have

enoug h

charaters

per

line

that

really

sucks

when

that

happens

and

you

have

to

put

some

la me

lameness

filter

defeater

text

in

there

i

wonder

how

many

people

will

read

this

who le

comment

I

certainly

hope

it

doesnt

annoy

too

many

people

This

is

just

the

beginnin g

because

PAGE

WIDENING

IS

BACK

I

like

wid e

pages

I

wish

all

pages

could

be

as

wide

as

this

dont

you

wide

pages

are

much

coo ler

than

those

narrow

pages

you

are

used

t o

reading

because

you

dont

have

to

worry

a bout

the

lameness

filter

telling

you

that

y ou

don't

have

enough

charaters

per

line

tha t

really

sucks

when

that

happens

and

you

h ave

to

put

some

lame

lameness

filter

defeat er

text

in

there

i

wonder

how

many

people

will

read

this

whole

comment

I

certainly

h ope

it

doesnt

annoy

too

many

people

This

i s

just

the

beginning

because

PAGE

WIDENING

IS

BACK

I

like

wide

pages

I

wish

all

page s

could

be

as

wide

as

this

dont

you

wide

pages

are

much

<

I wish I was a "vigilante" (2)

zaren (204877) | about 12 years ago | (#4237041)

I don't run or maintain any mail server that I use, so I can't beat on the spammers the way I want [spews.org] . There's no way that I can say "My server, my rules" as clearly as I could by using the SPEWS blacklist. The best I can do is send the LARTs and hope the spammers get nuked. *sigh*

Let all spam through! (1, Troll)

elindauer (520825) | about 12 years ago | (#4237386)

Personally, I think we should stop trying to block all these spammers. Today is a tough day for everyone. Thinking about a year ago, how the world for many of us was turned upside down... it's hard to go about your daily routine. And yet, when I arrived at work, my mailbox was crammed full of spams, just like always. While many people are coming in late or taking the day off, these spammers continue to keep me updated about new penis enlargement technologies. They put aside their personal grief and send out news of a new get-rich-quick scheme, thereby showing the terrorists that they will never win. God bless them.

You're no fun. (3, Funny)

edunbar93 (141167) | about 12 years ago | (#4237398)

You want to beat on spammers using spews.org? And here I thought you linked to some quite violent imagery involving a steel pipe and some quick lime.

wow (1)

Apreche (239272) | about 12 years ago | (#4237054)

the author of the article is a lawyer. However evil some of them are, they are the kind of people we need on our side. Good to see that they aren't all idiots.

Re:wow (4, Insightful)

hawthorne (220575) | about 12 years ago | (#4237068)

Not only is he a lawyer, but hes a lawyer with an open relay, and he doesn't believe that spammers will 'lie' to get that server to propagate their mail!

Re:wow (4, Insightful)

sqlrob (173498) | about 12 years ago | (#4237110)

He does seem remarkably clue resistant though. He *IS* running an open relay and admits it.

So what if you have to forge the FROM. It's not like spammers don't do that anyway.

Re:wow (2)

GlassUser (190787) | about 12 years ago | (#4237181)

Yeah, that's what got me. He's there running an open relay, but keeps whining about how it's not an open relay. Someone needs to whack up him upside the head.

Re:wow (3, Informative)

undeg chwech (589211) | about 12 years ago | (#4237295)

To play devil's advocate ... perhaps the notification from the RBL should be clearer? Instead of saying "you've been blackholed you nasty friend of spammers" if should say "you've been blackholed because your server accepts forged headers. I notice you're running XYZ server, so to fix the problem do A, B and C"

(Nb. I've never been blackholed, so I don't know what the notification really say. It could just be that this guy is illiterate)

Re:wow (1)

plague3106 (71849) | about 12 years ago | (#4237258)

Since forging the from can be done by anyone, i'd call it an open relay too. He should lock it down so that you must actually BE on his network to use the server. I don't have any pity for this guy.

Re:wow (0)

Anonymous Coward | about 12 years ago | (#4237669)

I vote that we should use his open relay to cram his inbox full of messages from his mate, the goatse.cx guy, and copyrighed works of Ron L. Hubbard? Anyone else have another good idea?

Re:wow (4, Insightful)

Anonymous Coward | about 12 years ago | (#4237236)

No, this guy *IS* an idiot. Based on what he says in his diatribe, he has his server configured to allow relay based on the sender email address. As he doesnt seem to realize he has discovered, this is NOT a secure way of configuring a server, and a server configured that way *IS AN OPEN RELAY*. Relay controls must be based on IP address, not sender email address. Other secure options include SMTP Auth and POP-before-SMTP.

His saying his server is not an open relay doesnt make it so. If some random person on the Internet can make his server send a message to some other random person on the Internet, then his server is insecure. Yes, spammers *DO* forge sender addresses in order to abuse these servers.

Spam, and the security and policies necesarry to try and get control of it, are by nature a very technical field. More and more people who are just upset that they cant mail, and thing the blacklists are responsible, and who arent willing to take the time to understand whats really going on, and starting to get off on their soapboxes like this. THEY ARE WRONG.

His relay is open (5, Insightful)

ccandreva (409807) | about 12 years ago | (#4237066)

This article demonstrates the problem we are up against getting people to secure their networks.

His mail server is an open relay, and he still doesn't realize it. Worse, he's a lawyer. These are the people that will be setting policy.

I wonder if it is even worth e-mailing to explain the situation to him.

Re:His relay is open (3, Informative)

dattaway (3088) | about 12 years ago | (#4237197)

Road Runner allows [rr.com] me to run my own mailserver. This allows me to run my own spam rules and have my own domain name; however, when they scan it and find an open relay, they would shut me down in a heartbeat. I feel this is a good example of a responsible ISP.

All ISP's need to scan customers for annoying vulnerabilities. It is not a violation of privacy, it helps everyone. Especially if we want to eliminate sources of spam.

Re:His relay is open (5, Informative)

schon (31600) | about 12 years ago | (#4237229)

His mail server is an open relay, and he still doesn't realize it.

His mail problem is that he doesn't understand what an open relay really is.

He says "I block SOME relayed mail, so therefore my relay isn't completely open, so therefore it's not an open relay."

Well, if a door is ajar, are you going to argue that it's not open? If it's not closed, it's open.

Re:His relay is open (0)

Anonymous Coward | about 12 years ago | (#4237232)

Yup, his only precaution against spam is that his mailserver forwards mails from his personal domain name. And we all know that this information can't be forged. Why is he running his own mailserver anyway?

Re:His relay is open (0)

Anonymous Coward | about 12 years ago | (#4237259)

I forgot an "only". Insert where appropriate.

How? (2)

Irvu (248207) | about 12 years ago | (#4237235)

If what he says is true then his server is not as secure as it could be but it is hardly completely open. What should he be doing that he is not? What standard of hackproofing should every Mom & Pop on the internet have to meet, and why?

Re:How? (0)

Anonymous Coward | about 12 years ago | (#4237306)

The standard is quite simple: If you don't know what you're doing and there's an alternative, don't do it yourself. Why can't he use a mail relay which is managed by professionals, like everybody else without a clue does?

Re:How? (3, Insightful)

ptomblin (1378) | about 12 years ago | (#4237373)

There is no reason to allow sites from outside your LAN to relay through your mail server based just on the From line or the MAIL FROM smtp command. At the very least, it's pretty trivial to only allow mail to be sent to outside the LAN (or localhost) if it comes from inside the LAN. If you need to be able to send email through it when you're at work or away on business, for example, then set up an SSL tunnel or some sort of authentication.

A good 10-20% of all the spam I get has headers forged to look like it came from me or from mailer-daemon on my site. Allowing mail to go through based on where it claims to be coming from, rather than where it actually is coming from, is just plain stupid. Spammers lie. Their entire business model is based on a lie, so why would you assume that they'd never lie about being from your domain?

Re:His relay is open (1)

Comen (321331) | about 12 years ago | (#4237338)

PLEASE, this guy is definitly a open relay!

What should he have done, well there are ways to do this, ISP's have been doing it for years.
Block by IP address! and if you dont like that I think you can even use login name and password for SMTP, even though I have never used this.

the guy says from his article
"You see, my mail servers were set up to pass mail only from a domain name of which I am the only user. It blocks everything else. That's not an open relay. Unless you're a user in my domain, you can't use it.
"
HAHAHAHAHAHA what a retard this guy is, so all you have to do is put in your email program, that your email address is from joeblow@hisdomain.com and his mail server passes it. a Spammer will never figure that out.
People they figure that out along time ago. and that is why the Black list service checks this.

I for one think a email server should be responsible for the peopel that send mail from it.
Maybe not legaly but I mean they should only been sending email from thier server that is from users that belong to that email server.
that way email servers that send SPAM can actully do something about the spammers that send mail through it.

Needless to say this guy is a idiot and it does go to show you that people will belive him, even though he dont know what he is talking about.

Glad to see some people on here understand that his mail server is definitly a open relay though.

Re:His relay is open (2)

windex (92715) | about 12 years ago | (#4237660)

With my mail server, any user sending mail from it is required to exist, that dosen't mean the user is actually who is sending the message, but it prevents people from making joeblow23@mydomain.com.

Open relays are still bad. He is still a moron.

So let me get this right.... (3, Insightful)

kramer (19951) | about 12 years ago | (#4237074)

His server was set up so poorly that all it took was a forged header saying it was from his domain to get a message through?

Sounds like he should have been blocked. Come on, at the very least do some ip checking. It sounds like his server wasn't a textbook open relay, but it was pretty close.

Re:So let me get this right.... (1)

germinatoras (465782) | about 12 years ago | (#4237674)

You're right - his mail server qualifies as an open relay because it did not do a reverse-DNS on the originating IP address. He should have configured it so that before performing a relay on any message, it looks up the DNS name of the sending host's IP address and verifies that it exists on the relay domain.

I configured BSD sendmail this way a few years ago...in fact, I think that's pretty close to its default configuration, you just have to tweak a few options. The guy in this article just doesn't understand what he's doing, and would rather bash so-called "vigilante"-ism (which this certainly isn't) than admit he's an arrogant, incompetent sysadmin.

Maybe he should use this to his advantage? (2)

plover (150551) | about 12 years ago | (#4237082)

Since his address is now blackholed anyway, maybe he should just start up a relay service, and charge spammers to use it?

Anyway, I think he should pick up the phone and call the dudes in Denmark. I think that being on an e-mail black hole list means never being ABLE to say you're sorry...

Re:Maybe he should use this to his advantage? (1)

scoof (2459) | about 12 years ago | (#4237636)

ORDB is run by volunteers, and as such do not have a phonenumber.
You can however contact ORDB using the webpage, and this lets your mail through, no matter whether you're listed or not.

Test fails = relay (2, Insightful)

cjustus (601772) | about 12 years ago | (#4237086)

If test server managed to send an email through the mail server by forging mail headers, you can bet that the spammers can use the same technique...

Authenticating by the domain that the sender says he is from is very weak...

Holes like this are what keeps the spam coming to my mailbox...

Re:Test fails = relay (2)

garcia (6573) | about 12 years ago | (#4237175)

you're kidding? So you mean he was wrong when he said he wasn't an open relay? Lawyers, wrong, never!

Not an open relay? Hardly (4, Informative)

stefanb (21140) | about 12 years ago | (#4237089)

form teh article: You see, my mail servers were set up to pass mail only from a domain name of which I am the only user. It blocks everything else. That's not an open relay. Unless you're a user in my domain, you can't use it.

Well, setting your sender's address to a trivially guessed domain name (such as the reverse-mapped address of the host), you effectivly have an open relay. Guess what spammers are doing: they are using known-good addresses, and try sending spam from those addresses MX hosts in the hope that the MTA do this foolish kind of access check.

This has been discussed since at least five years, and has been a point in the many faqs and howtos on how to lock down your MTA for a long, long time.

If you really need to send mail through your MTA from arbitrary IP addresses, you need to employ authentication. Again, this is hardly a new technology, and many documents explaining how to combine SSL and authentication for SMTP exist.

I don't get it... (5, Interesting)

Rhubarb Crumble (581156) | about 12 years ago | (#4237091)

This guy's gripe is about being misidentified as an open relay. But either I'm missing something or he's full of crap:

How had it gained access to my mail server? Simple. It had forged the headers on its email to convince my mail server that the email it sent was from a permitted user.

One word: Authentification.

You see, my mail servers were set up to pass mail only from a domain name of which I am the only user. It blocks everything else. That's not an open relay. Unless you're a user in my domain, you can't use it.

Uh, it may not be a totally open relay in the literal sense of the word, but surely that still means it can be used to send spam, as long as the spammer figures out who to identify himself as - and if the Danes could do it, then it can't be that hard?

Any spam-block that relies entirely on the "from:" header is broken by design. What, spammers disguise their identities? Never!

Re:I don't get it... (4, Funny)

catfood (40112) | about 12 years ago | (#4237419)

One word: Authentification.

Yeah! Don't misunderestimate the value of authentification!

Re:I don't get it... (mea culpa, need more coffee) (1)

Rhubarb Crumble (581156) | about 12 years ago | (#4237562)

Yeah! Don't misunderestimate the value of authentification!

oops... :-)

stupid (0, Flamebait)

Fruit (31966) | about 12 years ago | (#4237092)

The author of the article is an idiot, he thinks that spammers don't forge headers and therefore his relay is closed.

The proper way to close a relay is to check the sender IP address (from the TCP connection) and check if it's a local net.

Credibility lost in the second sentance (2, Interesting)

Mattygfunk1 (596840) | about 12 years ago | (#4237109)

I'm not even sure that I've ever clicked on a link sent to me in a piece of unsolicited commercial email.

When that appears in the first paragraph the rest loses credibility. Anybody qualified enough to be commenting on SPAM should be aware that simply by opening the email you may have verified the address as valid (if it contains an external image).

-----
interested in inventions [royalinventions.com.au] ?

Re:Credibility lost in the second sentance (0)

Anonymous Coward | about 12 years ago | (#4237298)

Anybody qualified enough to be commenting on SPAM should be aware that simply by opening the email you may have verified the address as valid (if it contains an external image).

No, not if you don't use HTML mail.

Re:Credibility lost in the second sentance (0)

Anonymous Coward | about 12 years ago | (#4237377)

You can use HTML mail if your client has an option to suppress all external references in HTML mail. It can still show embedded images and formatting without compromising your privacy. Finding such a client is left as an exercise to the reader.

Re:Credibility lost in the second sentance (1)

Mattygfunk1 (596840) | about 12 years ago | (#4237427)

When was the last time your plain text email contained an external image?

---
interested in inventions [royalinventions.com.au]

Re:Credibility lost in the second sentance (0)

Anonymous Coward | about 12 years ago | (#4237452)

When was the last time your plain text email contained an external image?

Never, even when spammers try to send me a message with an external image. All I see is tags - no image, and no hit to their web server. That's exactly my point.

Anybody qualified to be talking about web bugs should surely be intelligent enough to understand that there are plenty of ways around it. You lost all your credibility in your second sentence, too.

Re:Credibility lost in the second sentance (1)

Mattygfunk1 (596840) | about 12 years ago | (#4237596)

You lost all your credibility in your second sentence, too.

Maybe IYO, but my key word was the "may" in the first post. Yes, there's plenty of ways around this.

In the end, people who know what they're doing have the filters, and the common sense, not to click on the spam in the first place.

---
interested in inventions [royalinventions.com.au] ?

Re:Credibility lost in the second sentance (1)

beebware (149208) | about 12 years ago | (#4237400)

Maybe. If you can only read plain text (not the HTML rubbish that's going around) then you are safe. If you've got application-specific firewalling setup and restricted your mail client to ports 25 and 110 then you are quite safe... But if you are running something like an unpatched version MS Outlook with your security zone set to 'Local' and no firewalling whatsover - well, it's really your own fault... I'm not MS-bashing here (as I do use the full version of Outlook for my email), but I do do regular updates (Windowsupdate _and_ Office Update sites), have a regularly update firewall+antivirus and double-check all relevant security settings...

Re:Credibility lost in the second sentance (1)

janolder (536297) | about 12 years ago | (#4237654)

Sadly, you've lost your credibility with me in your subject line: It's sentence, not "sentance." :-)

To get back on topic... Good email programs like Pegasus [pmail.com] don't execute external links when you view the mail. Not so with Lookout^H^H^H^H^H^H^HOutlook [microsoft.com] .

Seen it all before (4, Insightful)

odaiwai (31983) | about 12 years ago | (#4237113)

This is the kind of thing you see every day in news:news.admin.net.abuse.email.

"Waah, I'm being blocked by your nasty list! I demand you stop blovking me or I'll drop piano's on all your heads! and I'm a lawyer!"

"A. no-one's blocking you, they're justing *choosing* not to accept email from known open relays (or whatever the perp feels accused of)."

"You're abusing my First Amendment Rights to 'Frea Speach'"

"Our list is based in the Gobi Desert. *Our* first amendment guarantees the right to tea with yak butter."

Also, searching for his email address to see if he had ranted on usenet, I found this: Archived Article [google.com]

an Excerpt (from the above article by "R. A. Hettinga" ):
New Architect is a Microsoft/DotNet magazine. This article is
agitprop for Microsoft's identity solutions: UDDI, Passport, and Palladium.

Any reputation framework that arises in the wild would reduce the
profitability of a Microsoft solution, so they are going to badmouth it,
sue it, etc.

dave

Re:Seen it all before (2)

MadAhab (40080) | about 12 years ago | (#4237214)

Good call. This is indeed microsoft agitprop. "Gee, can't trust this critical function to a bunch of volunteers" segues nicely into "So what we need is a bunch of professionals to make decisions for us... [churchlady voice] Could it be... Microsoft?" I'd expect a lot more of this stuff over the next couple of years.

And if it isn't, it still serves the bastard right for running an open relay and not getting it. Wow, you can send spam by lying to his mail server, let's sue some Danes for pointing it out.

Re:Seen it all before (0)

Anonymous Coward | about 12 years ago | (#4237586)

This guy not only doesn't know how to set up an email server, he is also going to lose the lawsuit: "I asked the blackhole list service if it would kindly re-scan my mail server" and later on "By sending their forged email through my mail server, which is located in my den in Los Angeles, they fulfilled certain California legal requirements that would let me sue them here." Earth to lawyer: Scanning for open relays is a method to determine if a spammer can use a relay. Spammers forge headers. Therefore a scan must include this forgery and since you asked them to do it, they are perfectly in sync with the law.

suggestion for someone (2)

John Harrison (223649) | about 12 years ago | (#4237578)

Discussing this on /. is all well and good, but if he is really astroturfing, and it appears that he is, someone that understands what is going on should submit a response article to the New Architect site. The do accept submissions. Check out http://www.newarchitectmag.com/guidelines/ [newarchitectmag.com] . I would do it, but I am not an expert on setting up mail servers or on the effectiveness of the black list.

Clueless writer (1)

spacefight (577141) | about 12 years ago | (#4237115)

"How had it gained access to my mail server? Simple. It had forged the headers on its email to convince my mail server that the email it sent was from a permitted user. You see, my mail servers were set up to pass mail only from a domain name of which I am the only user. It blocks everything else. That's not an open relay. Unless you're a user in my domain, you can't use it."

That seems like an invitation to spam trough his server with his domain name in it. Therefore I declare hereby his mailserver as an open relay ;) Sorry dude... no chance. Get a clue.

WTF (-1, Redundant)

Anonymous Coward | about 12 years ago | (#4237129)

Not only is this guy an asshole, hes also a LAWYER! He is running an open relay! He is threatening to sue the maintainers of the blackhole list!

Does anyone read these articles at all?

The writer is a moron (2, Interesting)

wsapplegate (210233) | about 12 years ago | (#4237133)

I fail to understand how this can be a valid argument against bad-maintained blackhole lists. The author was listed because *anyone could use his server to relay just by using a MAIL FROM command sporting his domain name*. Sheesh! When you configure your relay ACL, you use *IP ranges*, not domains (an awful lot of spammers forge all the headers in the messages they throw out). Even better, you use SMTP AUTH. That guy didn't bother to implement a technically valid solution, and thus his mail server definitely *could* be abused. No wonder it has been put on a blacklist...


BTW, this doesn't mean there aren't stupid blacklists out there listing innocent people. But this article proves nothing. Moreover, there are now better ways to filter spam, based on message content checksum, like Vipul's razor [sourceforge.net] . This is not the first time people bitch and moan about their badly-configured relays being censored by the antispam Nazis (I remember a guy, from the EFF I believe, that did the same thing some time ago) but they simply are irrelevant. Their solution is to RTFM and play by the rules. Period (grrrr, I really dislike bad admins :-/.

Not a troll, but (2)

sysadmn (29788) | about 12 years ago | (#4237349)

Sheesh! When you configure your relay ACL, you use *IP ranges*, not domains (an awful lot of spammers forge all the headers in the messages they throw out).
Forgive my ignorance*, but the article mentioned that he often checks email from hotels or foreign countries. Seems to me he's either using an IP address from the foreign point, or from an ISP with global reach. Either one would proclude using IP addresses in the ACL. So my question is, what's the best way to authenticate?
----
* a phrase used on Slashdot about as often as "Why do all those Supermodels keep throwing themselves at me?"

Re:Not a troll, but (4, Informative)

catfood (40112) | about 12 years ago | (#4237442)

Then that's when you want SMTP AUTH or POP-before-SMTP, a pretty typical configuration on modern mail servers. Or use your dialup ISP's mail server as a smarthost--that's what it's for.

Re:Not a troll, but (1)

wsapplegate (210233) | about 12 years ago | (#4237533)

Like I said, SMTP AUTH is the way. It's available on near every mail server software in the world : Sendmail [sendmail.org] , Postfix [state-of-mind.de] , Exim [exim.org] , and even more [elysium.pl] . There is no need for an unsecured relay nowadays. Trust me.

How to auth? (1)

87C751 (205250) | about 12 years ago | (#4237591)

Either one would proclude using IP addresses in the ACL. So my question is, what's the best way to authenticate?
I'd probably use POP-before-SMTP and APOP.

Ignorant lawyers. (1)

undeg chwech (589211) | about 12 years ago | (#4237137)


Let's just hope he can't convince an judge that his definition of 'open relay' is the correct one.

Not an open relay !!!!! (0)

Anonymous Coward | about 12 years ago | (#4237142)

"How had it gained access to my mail server? Simple. It had forged the headers on its email to convince my mail server that the email it sent was from a permitted user. "

Hmmmm, So its only an open relay if the spammer is an "Honest" user.....

I'll just pop that cluestick in the post to him....
he needs one.

The Law (0)

Anonymous Coward | about 12 years ago | (#4237152)

Althought the law provides recourse, it isn't enough to deter companies from doing this sort of thing. Anytime you use your email address, you're adding it to an archive of information that will never go away. All it takes is one text scanner running over a place where your email address is printed, and it's all over.

Even using your email address can be a bad thing. I went several years where the only email I ever got was my ISP reminding me that it was bill paying time. Then I gave my email address to one (1) relative. This relative gave my email address to one (1) other relative. Now I have spam everytime I check my email, although not in the volume the rest of the world seems to get. Incidentally, one of the relatives was using Hotmail, the other MSN.

Read the article: He _IS_ running an open relay (-1, Redundant)

Anonymous Coward | about 12 years ago | (#4237166)

He is also a lawyer.

It gets worse...

Not an open relay? (5, Insightful)

Jondor (55589) | about 12 years ago | (#4237186)

I do see a few problems with the story as written.
  • If it's so easy for the danish people to forge an acceptable identity, it's as easy for everybody else. Including spammers. If his domain is the only domain who should be allowed to use the mailserver, lock it on an ip-range.
  • If I want to make a personal list of domains from who I refuse to accept mail that's my good right. You can shout all you want, but I don't have to listen. If others like a copy of my list because they trust my judgement in this case, that's between them and me. Again, nobody can force me to accept mail.
  • As for the trespassing, he asked the danish site to re-check his mailserver. If I ask a cop to check my doors and windows, and he finds a way to get in. Can I sue him for burgelary? Or call it unfair because they used a method I didn't anticipate?

Anyhow, IMHO this is an other blabla piece from someone who doesn't realy has an understanding of what he's doing.. Typical american sollution.. let's sue..

Perhaps Bret A. Fausett should sue spammers (1)

Kenny Austin (319525) | about 12 years ago | (#4237189)

Forged headers? Oh my.

Bret A. Fausett is running an open relay. Instead of him trying to sue RBLs that I use to reject email from poorly ran servers such as his, perhaps he should start suing all the spammers that forge email headers.

I've had spammers use my domains in forged email headers before (note: not my servers, just email address from my domains) and after receiving hundreds of bounced pieces of spam from servers ran by dorks like Bret, I can testify that this is a major problem that should be tested on every RBL.

Kenny

Is this guy for real? (3, Insightful)

gpinzone (531794) | about 12 years ago | (#4237198)

This guy admits his e-mail server WAS unsecure and is complaining that he got blacklisted. I understand his fustration, but I'm glad he was blacklisted.

Now what's needed is a simple to use tool to help users determine if their systems can be comprimized. Any ideas?

Re:Is this guy for real? (1)

avante (524777) | about 12 years ago | (#4237500)

Hey that's a really good point you make there at the end. It's good to rail against this fellow for not understanding the complexity of computer systems.

However, putting forth something constructive is harder to do.

It's very likely the lawyer who wrote the article is using MS software (which although I hate it with a passion, it seems as if almost everyone uses that stuff). Does maybe that Norton stuff help out with some of these issues? I know they produce firewall software. Of course, and easy to use Open Source solution would be better, but loads of people seem to prefer wasting money.

So he had an open relay... (2, Insightful)

fmaxwell (249001) | about 12 years ago | (#4237200)

For one, the Danish antispam organization falsified an email header to gain access to my mail server.

Translation: His mail server is an open relay for anyone who forges a from: address using his domain name. No password, POP-before-SMTP or other identification and authentication mechanisms are used.

He's whining because his open relay was correctly listed as an open relay. And he's even suggesting a tresspass-to-chattels lawsuit against the group that properly identified his server as an open relay. What a dick!

Some good, some bad... (2)

Zathrus (232140) | about 12 years ago | (#4237205)

First off, he's right. A black hole list has the potential for abuse, and there need to be some checks to make sure they're not abused as such.

Second, once you're listed on a black hole, it can be hell to get off. My company had a secondary domain that was used for customer emails. It was, indeed, an open-relay due to misconfiguration. Eventually it got blackholed and our admins realized the mistake they'd made and set out to fix it. They did fix it eventually, but by that time the server was being slammed by spammers trying to use it as an open-relay. And on top of that trying to get the black hole list to remove the domain was difficult - it took well over two weeks, while the black hole-ing occurred in under a day. Eventually the entire domain was just dropped, since even with the open relay closed the spammers were still abusing the hell out of our pipe.

That said, as best I can tell the author of the article barely even tried to remedy the situation. Yes, the black hole system forged a header to hit his open relay. Duh. So do spammers. If they could do it, so could (and will) others, and that's why you're black holed. But I'm sure he could've contacted the people running the black hole to find out what he could do to fix the problem. Instead it looks like he just wants to take them to court.

Finally, black holes/black lists/spam filters/etc. aren't solving the problem. The bandwidth is still being chewed up, and as is pointed out in the article, the block lists act like honeypots for the spammers - everytime a new site is added the spammers find a new site to spam from. Sure, if you participate in the black hole you won't deliver the spam, but the bandwidth has already been sucked up from the backbones, and you're still using CPU power to deny the spam. As much as I'd like to see lawyers stay the hell away from the Net, I don't see any other way to stop spam than to make it illegal. It may be that most of the relays are foreign, but most of the spammers are in the US or another Western country. Anti-spam laws could significantly help.

Re:Some good, some bad... (2)

JordoCrouse (178999) | about 12 years ago | (#4237399)

Anti-spam laws could significantly help.

I live in Utah, with a pretty good anti spam statute [com.com] .

However, though I could be in the process suing a few dozen people a day, I simply do not have the time or the desire to persue any of these. Not when Spamassain grabs about 90% of all spam, and sends it to my Spam folder, where I review the headers looking for false positives, and then they get deleted. Total time for me, 3 minutes.

Anti-spam statutes, while good for keeping honest merchants in check, will do nothing for the multitude of pr0n, Nigerian and penis enlarger spams I get every day.

What am I going to do, sue the entire nation of Nigeria? From what I hear, only one guy has all the money, and he is dead, or so it says in an e-mail I just got from Azabi Manzuna... :-)

Re:Some good, some bad... (3, Insightful)

catfood (40112) | about 12 years ago | (#4237487)

Second, once you're listed on a black hole, it can be hell to get off. My company had a secondary domain that was used for customer emails. It was, indeed, an open-relay due to misconfiguration. Eventually it got blackholed and our admins realized the mistake they'd made and set out to fix it. They did fix it eventually, but by that time the server was being slammed by spammers trying to use it as an open-relay. And on top of that trying to get the black hole list to remove the domain was difficult - it took well over two weeks, while the black hole-ing occurred in under a day. Eventually the entire domain was just dropped, since even with the open relay closed the spammers were still abusing the hell out of our pipe.

I'm sorry, but I'm really failing to see what part of this is not the spammers' fault... or yours. Certainly it wasn't the listing service "abusing the hell out of [your] pipe" or slamming your servers. And you say your admins "did fix it eventually." Was that in a day, a few weeks, a year, or what? A mere two-plus weeks to be taken off the blackhole advisory list sounds very reasonable under the circumstances.

Sounds like the blackhole service did you a favor. Certainly they limited the damage your company did to the rest of the Internet by passing along all that spam while the relay was open.

Re:Some good, some bad... (1)

Finni (23475) | about 12 years ago | (#4237491)

Our mailserver was an open relay for some time (previous admin.) We got blacklisted. I gave everyone in the organization one week to turn on SMTP AUTH in Outlook, then required it at the server. Resubmitted our server for testing; got a clean bill of health in less than an hour.

Light week for the DNSRBL lists, maybe?

Shakespeare (0)

Anonymous Coward | about 12 years ago | (#4237207)

What did Shakespeare say?

The first thing we do, lets kill all the lawyers.

Re:Shakespeare (1)

stratjakt (596332) | about 12 years ago | (#4237345)

This is the most misused quote of all of Shakespeares work. The actual passage is a tribute to trial lawyers, and reads as follows:

Henry VI, Part II, (Act IV), Scene 2

DICK (the Butcher)
The first thing we do, let's kill all the lawyers.

CADE
Nay, that I mean to do. Is not this a lamentable
thing, that of the skin of an innocent lamb should
be made parchment? that parchment, being scribbled
o'er, should undo a man? Some say the bee stings:
but I say, 'tis the bee's wax; for I did but seal
once to a thing, and I was never mine own man
since. How now! who's there?

I won't bother analysing it for you.. There's plenty written on the subject, you can find google yourself, here's a decent start: www.howardnations.com/shakespeare.html

Don't be quoting authors if you haven't read and understood their works. It's tacky and demeans you.

Re:Shakespeare (1)

avante (524777) | about 12 years ago | (#4237535)

Hooray! I love the absence of the rule of law! It reminds me of Afghanistan and Nazi Germany and the Soviet Union.

No sympathy (2)

Todd Knarr (15451) | about 12 years ago | (#4237213)

I'm afraid I've got little sympathy for the author of the article. He is running an open relay. Yes, for someone to abuse it they've got to forge the headers. That spammers do this is news? I don't think so. So, he runs an open relay, it gets detected, he gets added to a blackhole list until he closes it, he's now upset that the list operator won't accept "Well, someone would have to lie to abuse my server, so it shouldn't count." as an excuse. Pardon my complete lack of sympathy for him. This isn't vigilante justice, this is simple shunning by the community. If he wants to restrict his server to authorized users, he should do just that. POP-before-SMTP and SMTP AUTH exist, they can be used. Requiring that someone forge his domain in a From: header is not securing a relay.

The blackhole list admins are completely correct (0)

tribulation (603316) | about 12 years ago | (#4237238)

His e-mail server isn't secure (it's accepting forged e-mails), meaning that it is a potential spam-source. Configure your server properly, end of problem - Anyone who runs a server exposed to the net needs to be sufficiently experienced to properly configure it - else they deserve what they get. The worst part of all of this, is that the guy won't even acknowledge that there is a problem, his reaction is to look into legal recourses. The morale of the story: if you're ignorant, sue to change the system.

Follow up article... (5, Informative)

silverhalide (584408) | about 12 years ago | (#4237249)

If you subscribe to New Architect, this guy wrote a followup article to this one after receiving a boat load of mail pointing out the he was in fact running an open relay. He admitted to being behind the times, etc, said he was sorry. He still doesn't take back the fact he's mad at the vigilantes out there. Sorry, there's no link yet, I think NA has a lag between the print and web editions.

Point being, if they can forge a header to get on your computer, a spammer can very easily do the same thing. An interesting thing on my campus is the technology department regularly scans and tries to hack into FTP sites running on campus, and sends an e-mail to the admins if they're successful. Some students got mad, but the moral of the story is, better to have someone trustworthy find your weakness rather than someone who's going to exploit it. This seems to be a new effective form of security that's emerging, since we can't depend everyone to stay up to date with the latest security issues, such as the Mr. Faussett in the article. I think vigilante is the wrong term, these blacklist ops are doing everyone a favor by helping to clean up insecure sites, which in the end saves everyone money. I propose we call them "Freelance Security Advisors" or something like that. :-)

Re:Follow up article... (0)

Anonymous Coward | about 12 years ago | (#4237476)

You could always do what I did to @Home. Everytime I would use usenet, they would probe my computer for NNTP servers. I finally got pissed at them doing this every five minutes (and filling my firewall log) so I did a transparent redirect to the chargen service from the scanning IP, any port. Let them have a mouthful of repeating characters.

SPAM and the dangers of blacklists (2, Interesting)

LinuxWoman (127092) | about 12 years ago | (#4237262)

Blacklists are a lot like a security blanket, they make you feel comfortable but they don't do anything about the real problems. A recent employer (a university) was placed on earthlink's blacklist simply because a customer had pressed a wrong button and reported an email to earthlink as spam. (Admittedly, the manager who insisted on handling the mailserver himself was technically clueless...but there wasn't any ACTUAL spam we could find traced to our server)

First off, why is earthlink who is the domain of quite a bit of spam itself running a blacklist? Secondly, why couldn't they have at least bothered to send a courtesy automail to let us know? We finally found out when the sender of the original "spam" tried to send another email to her friend at earthlink. At that time it took a series of calls to earthlink to even find the department we needed to talk to! And then I found out that we'd been on their blacklist for MONTHS!

Blacklists should be carefully administered and you should develop your own as it's really not that difficult to set up blocks for individual domains. Too many domains are blocked by error or because one company put another on a blocklist that got circulated but never bothered to circulate that spamming domain had been fixed and removed from teh list.

Of course, a contributing problem is that many mailserver admins don't bother to keep proper security (or even keep their security patches up to day) for their server. It's way too easy to find a mail server that is VERY open to people outside the actual domain. But any truly working solution to the problem will have to involve responsible actions on the part of the "blacklisters" and the mail admins.

Re:SPAM and the dangers of blacklists (0)

Anonymous Coward | about 12 years ago | (#4237416)

BULLSHIT. *One* spam report does not get you on a blacklist, unless you are an open relay.

Some of the lists are 'open relay' lists, and yes, if they confirm you are an open relay you will be listed until you have corected the situation, and properly requested a retest.

Most blacklists operate by IP address, not by domain - domains are (mostly) meaningless when it comes to stopping spam, as the spammers will change those 6 times a day.

Keep in mind that some of the blacklists are NOT just 'open relays', and a listing does not mean you are an open relay, and closing a relay isnt what it will take to get off that list. As upset as you might be that you think someone is 'interfering' with your mail (they arent - they just publish a list, it is the recipient or their ISP that choose not to accept mail from you), tkae the time TO READ the site or FAQ for the list you are on, and if you dont understand it, read it again. If you still dont understand it, they find someone who isnt a moron to help you understand it, then you will know what you need to do to get your IP's off that list.

not an interesting article (1)

Trailer Trash (60756) | about 12 years ago | (#4237276)

"An interesting article about how vigilante justice on the Internet by anti-spam advocates can be just as threatening to the Internet as those proposed for copyright advocates."

Sorry, it's an uninteresting article about a lawyer who doesn't understand how to configure a mail server, then blames his foibles on somebody else who's simply pointing out that he has an open relay.

If Bret has a lawsuit to file, then I have an amicus brief to file....

He just doesn't quite get it... (1)

eaolson (153849) | about 12 years ago | (#4237294)

From the article:
...the circle of people to whom I could send email started to shrink.

... I was no longer able to send email to many people in my address book.

The worst thing about being blacklisted, however, wasn't that I could no longer send email...

Granted, the damage caused by my inability to send an email is likely not terribly significant.
He can send all the email he wants. And the recipients of that email are free to reject it. Since his server is blacklisted (and it sounds like his server IS a relay, regardless of how many times he states that it isn't) there in an increased probability that any email coming from there is spam, and the recipient judged it accordingly. Deal.

Does anyone know what blacklist he's talking about? SPEWS is Russian. I don't know any that are Danish.

Ever changing Internet (1)

dazdaz (77833) | about 12 years ago | (#4237313)

Lets not get into a situation whereby only an elite class of people can stop the abuse of the Internet by knowing a special language called law.

It used to be that the technologists were the elite class of the online world, interestingly due to our ever increasing corporate world, the lawyers are one of the few with enough knowledge to have a chance of stopping this misuse of our treasured network.

I think the next few years will make country legal juristiction crystal clear for crimes committed on the Internet, but will take longer for laws to be passed and acted upon. I'd like to see agreed global unified laws for Internet and computer abuse. It's about time we took responsibility for this and tackled it now, not only for now but also proactively for the future as things will progressively get worse unless we take a stand today.

Here's a question for lawyers.

Could the United Nations pass a resolution to stop spam?

TCP/Intellectual Property? (0)

Anonymous Coward | about 12 years ago | (#4237316)

Bret is an intellectual property and Internet attorney ...

Goes to prove my assertion that most people who talk loudly of intellectual property are not intellectuals.

Legal Remedies (1)

walkerp1 (523460) | about 12 years ago | (#4237355)

Wouldn't the fact that he invited the Danish group to probe his mailserver seriously diminish his chances of suing for trespass? I can understand his angst...but can he understand mine? (You've got mail! 99.44% unsolicited, commercial effulvium, and one crucial e-mail which you'll unknowingly delete as well.)

SIG me, baby!

Vigilante Justince and the Wild West (2)

hillct (230132) | about 12 years ago | (#4237372)

There are a variety of solutions to the technical problems that arise from wide-ranging internet access by the public. Those of us who were using the net in the late '80s recall sending and recieving email, unincombered by large volumes of spam. As internet usage gained popularity, so to did unacceptable practices undertaken by businesses and indeviduals.

SPAM is as much a social problem as a technical problem. Blackhole lists attempt to solve the social aspects of the problem with a technical solution - the idea being that the sender of spam is shunned and ignored when trying to communicate. I don't have all the answers but solutions like Vipul's Razor [sourceforge.net] seem a bit more like technical solutions to the technical aspects of the problem.

Likewise, domain registration operates much like the wild west. He who hets there first, gets the loot. I was attempting to register an expiring domain at one point. It had expired 90 days previous and still had not been released by Verisign. I consulted my perfered domain registrar, who's generally vary helpful staff gave me this wild west analogy and suggested that my only recourse was to lodge a complaint with ICANN. We all know how helpful ICANN can be [icannwatch.org] ...

Any new technology opens up oportunities for baser elements of human nature to bear their collective ugly head. Over time the practices will iron themselves out and until then people like the lawyer, author if this article will probably have to suffer unless they want to contribute a positive solution. The Internet will eventually grow out indulging these childish behaviors but until then, we can only do what's best to protect ourselves from the poor choices of others.

--CTH

Oh, I pity poor Bret (1)

Laglorden (87845) | about 12 years ago | (#4237384)

Bret is an intellectual property and Internet attorney and also too stupid to realise he runs an open mail gateway. If you are going to write an article you should first get your facts straight i think...

OSDN banner ad not Y2K-compliant (0)

Anonymous Coward | about 12 years ago | (#4237440)

How soon we forget.

Re:OSDN banner ad not Y2K-compliant (0)

Anonymous Coward | about 12 years ago | (#4237457)

Oops! Wrong story.

Blocked by IP class? (1)

HutchGeek (597438) | about 12 years ago | (#4237446)

I've run into a sort of related problem. My ISP I use at home now uses a Danish reference list to help filter spam. Somehow, my work mailserver turned up on it. The reason? It seems to have a dynamic IP address. Granted, my work mailserver hangs off of a business DSL account which has a block of 16 IPs. Its behind my router/firewall running NAT. the reject message from my ISP is as follows : .. the remote server gave us this error response ... 554 Service unavailable; [xx.xxx.xxx.xxx] blocked using dynablock.wirehub.net, reason: Dynamic IP range listed by Wirehub! Internet DynaBlock - http://doema.wirehub.nl/error/errors.html#dynabloc k [wirehub.nl] So now I'm off to have fun to try to convince these people that just because it MAY be a dyanmic address, even though its a block assigned by my ISP, that they should remove me. Thier other solution? Find a relay server!!!

Shocking comments (1)

dazdaz (77833) | about 12 years ago | (#4237458)


From reading some of the comments, i'm quite surprised and shocked at the insensitivity and harshness of some people's posts. Whats with the "it's his fault, he deserved it attitude?". Is'nt the Internet all of our network and not his alone? Surely this makes it all of our problem and not just one persons. What happened to Internet camaraderie? Or has it become one for all and all for one on the high seas of the Internet, may the best Sysadmin win. I thought those days were long gone.

The Author Responds (1)

comeonpilgrim (139190) | about 12 years ago | (#4237467)

New Architect recieved a bunch of letters about that article and printed them in the October issue. Bret Fausett responded in the Letters section:

"When it comes to mail administration, it appears I've been several years behind the curve. My mail server software, circa 1996, was purring along quietly, so I never upgraded it to a version capable of a higher degree of authentication. I'm also old enough to remember when an "open relay" was a relay intentionaly left open, not one merely susceptible to misuse. Thank s to all of the reader who wrote to bring me into the new millennium. Both my software and my definition are now upgraded.

At the same time, I labeled the blackhole list operators "vigilantes" for good reason. It was always my understanding that if you lie about your identity to gain access to something that would be closed to you if you told the truth, you've done something wrong. That's tru whether you intend to send spam or prevent it. As vile as spam is, the ends don't justify the means. Regardless of whether my mail server used to be "open" or not, I stand by my analysis that placed legal responsibility on the blackhole operators who forged their identity."

Sensationalist half-wit gets published (2, Interesting)

Greedo (304385) | about 12 years ago | (#4237480)

This article really turned my crank. What a load of hogs-wallop. To wit:

For one, the Danish antispam organization falsified an email header to gain access to my mail server. Illegal access to a computer system is, if not a criminal violation, then a trespass on my private property.

Except that he previously admitted to asking the antispam people to check his mail server. So it isn't trespass if you invite them in. Or it's entrapment on his part, right?

As I've discussed previously in this space, one of the novel legal theories now catching on for these kinds of unacceptable accesses to computer systems is a centuries-old tort called "trespass to chattels." At a minimum, I ought to be able to sue the Danish company for the damage it caused me from its illegal access.

Alternatively, you could secure your f'ing mail server properly.

But in spite of all that, I could probably get an injunction, or least a dollar or two to compensate me for my injuries and establish that I have been wronged.

Always the lawyer ... :)

Who knows whether the organization is a real legal entity or just some name cooked up by a group of self righteous individuals.

At some point along here I gave up reading. This guy is a whining, deluded, litiginous fuckwad. And a bit xenophobic (maybe he had a bad experience with a Danish girl once ... I dunno). His actions are not only irresponsible, they are just plain stupid.

Okay ... I skipped to the end and read:

It isn't difficult to imagine that the RIAA could pressure a sufficient number of ISPs into subscribing to this copyright blackhole list and blocking access to their users, or to any traffic emanating from them.

Except (you half-wit), the RIAA would likely use pressure. The anti-spam list doesn't force ISPs to use it ... ISPs use it voluntarily. Hell, switch ISPs if you don't like the level of access they provide you with!

I hate spam as much as the next guy. If I found out my mail server was an open relay (which we did at one point), I sure as hell would spend my energies fixing the problem, rather than ranting about it and plotting a lawsuit.

I really hope that if he decides to take legal action, some judge with half a brain will say "You could've solved this yourself in half an hour ... Why are you wasting the courts' time?"

Sheesh.

Just a thought..... (4, Funny)

philkerr (180450) | about 12 years ago | (#4237501)

Should we recommend this guy to Bernie Shifman just in case he's still looking to sue people?

The danish criminal code of computer fraud. (0)

Anonymous Coward | about 12 years ago | (#4237546)

The danish criminal code says about computer fraud:
279 a. For databedrageri straffes den, som for derigennem at skaffe sig eller andre uberettiget vinding retsstridigt ændrer, tilføjer eller sletter oplysninger eller programmer til elektronisk databehandling eller i øvrigt retsstridigt søger at påvirke resultatet af sådan databehandling.
My own translation:
He who, in order to obtain gain for himself or others, illegally changes, adds or removes information or computer programs, or otherwise illegally tries to change the outcome of such, is to be punished for computer fraud.
IANAL, but in the article, the guy with an open relay arguments that the entry of his host is wrong, as he (falsely) does not consider his host an open relay. But if, as he says, the host is not an open relay, the blacklist is worth less, and nobody had any gain from including that host in the blacklist.

Publishing that article makes it almost impossible for this guy to get a conviction in a danish criminal court.

Also note that forging the headers of a mail that only is received by people knowing that the mail contains forged headers is not computer fraud, according to the above and danish criminal court practice.

Slashdotted.... Here's the article (1)

JT27278 (589969) | about 12 years ago | (#4237623)

Blind Vigilantes Blackhole lists offer dark prospects By Bret A. Fausett New Architect August 2002 Most of the email I receive these days is spam, yet I've never purchased anything advertised in a piece of unsolicited commercial email. I'm not even sure that I've ever clicked on a link sent to me in a piece of unsolicited commercial email. I haven't found any good method of blocking spam. Fortunately, I have a broadband connection, so things aren't as bad as they could be. But whenever I travel and find myself connecting via modem, I'm constantly frustrated by the significant amount of time I have to spend downloading junk mail, which is sometimes billed at exorbitant hotel or foreign telephone rates. So you'd think that I'd be somewhat sympathetic to the efforts of groups that create blackhole lists. For those of you unfamiliar with a blackhole list, it's a list that's typically maintained by volunteer antispam advocates. It contains the IP addresses and domain names of certain mail servers allegedly used to send unsolicited email messages en masse. When an Internet service provider subscribes to one or more of the blackhole lists, any inbound email to its service originating from a mail server on the lists is automatically rejected. The subscriber to a blackhole list doesn't filter based on the actual content of the email, just its place of origin, which makes this practice a fairly crude tool. It blocks all messages from specific locations regardless of content. Anyone who finds his or her mail server erroneously listed on a blackhole list can usually get off the list by establishing that he or she has remedied whatever server insecurity spammers exploited. At least that's how it works in theory. I don't run an insecure mail server, but mine recently found its way onto a blackhole list. I've tried to get off the list, but to no avail. I've become just another victim of vigilante justice on the Internet. The Wrong Guy One day back in March, I tried to send a friend of mine an email. It bounced. The mail server that rejected my message sent a polite note back explaining that the address of my mail server was now listed on its ISP's blackhole list. Over the next two weeks, the circle of people to whom I could send email started to shrink. Soon, even my father's email address was off-limits to me. The primary way to get on a blackhole list is to run an open relay. For various reasons having to do with access to networks and efforts to conceal their identities, senders of mass unsolicited email predominantly exploit such relays. An open relay accepts mail from anyone in the world and relays it to whomever is listed in the address. Most mail servers aren't open relays. They accept mail only from subscribers to that network's services, or from a set of persons specifically identified on the server. In spite of grass roots efforts to close the open relays, there are still more than a few of them out there. Not Guilty My mail server, however, was not an open relay. I have no idea who first submitted my name to a blackhole list operator in Denmark, but sometime in March of this year the operator added my mail server to its list. The first time the service was used to reject a piece of my mail, the rejection came accompanied by an explanation of why I was on the list and what I could do to be removed from it. The explanation was that I was running an open relay. How could I get off the list? That was simple, the message said. Close the open relay, and send a message to the operator's server asking to be re-scanned. Of course, as I mentioned, my mail server was never an open relay in the first place. So in response to the rejection message I received, I asked the blackhole list service if it would kindly re-scan my mail server and make another determination as to whether it was an open relay. I was sure that there had been some mistake and that on a second try, it would realize the error in its initial judgment. Shortly after I submitted my request, I sat down to monitor my mail logs. This time I saw the service in Denmark address my mail server. I watched my mail server accept the message and then pass the piece of email back to the Danish mail server. The Danish server promptly sent a message saying that my server was still operating as an open relay. How had it gained access to my mail server? Simple. It had forged the headers on its email to convince my mail server that the email it sent was from a permitted user. You see, my mail servers were set up to pass mail only from a domain name of which I am the only user. It blocks everything else. That's not an open relay. Unless you're a user in my domain, you can't use it. Blocked The group based in Denmark had pretended to be me, forged an email as though it had come from an address that only I am authorized to use, passed it through the mail server in my house, and then placed me on a list of people who should be blocked from sending mail. They circulated that list around the world. ISPs used by my friends and family here the United States subscribed to this list. Now, through no fault of my own--and in fact because of the trickery of Danish email activists--I was no longer able to send email to many people in my address book. It's hard to describe how angry this made me. The Danish consortium had lied about their identity, and I was paying for it. The worst thing about being blacklisted, however, wasn't that I could no longer send email, but that spammers began actively trying to use my mail server to send their spam. You see, blackhole lists work both ways. ISPs use it to block traffic, but as I've recently discovered, the spammers themselves use the lists as a kind of directory of servers to use for sending their mail. If you look at my mail server logs, you'll see that every few seconds or so, someone, somewhere tries to access my mail server and use it to send mail. Each time, without fail, my mail server declines the request and refuses to relay the requested message. It isn't an open relay. It's just doing its job. But my machine is bombarded with requests from all over the world from spammers seeking to use its minimal capabilities to send their penis enlarging, breast enhancing, get-rich-quick messages. My Rights But, hey, I'm a lawyer, right? I'm supposed to be able to solve this kind of dilemma. And there are a few things I could do. For one, the Danish antispam organization falsified an email header to gain access to my mail server. Illegal access to a computer system is, if not a criminal violation, then a trespass on my private property. As I've discussed previously in this space, one of the novel legal theories now catching on for these kinds of unacceptable accesses to computer systems is a centuries-old tort called "trespass to chattels." At a minimum, I ought to be able to sue the Danish company for the damage it caused me from its illegal access. Granted, the damage caused by my inability to send an email is likely not terribly significant. You can always pick up the phone, print the message out, and fax it or mail itÉor just use a different mail server. But in spite of all that, I could probably get an injunction, or least a dollar or two to compensate me for my injuries and establish that I have been wronged. The problem, of course, is that the loose organization of individuals who compiled the blackhole list is based in Denmark. Who knows whether the organization is a real legal entity or just some name cooked up by a group of self righteous individuals. However, they do have a domain name, and an IP address, and they circulate their work to ISPs around the world. In other words, there is a group for me to sue. But taking legal action on foreign entities is difficult. I would have to translate my legal documents into Danish. I would have to hire someone in Denmark to personally deliver these translated documents to the entity that I would be suing. That costs time and money. But I could sue them here in Los Angeles, California, that much I know. By sending their forged email through my mail server, which is located in my den in Los Angeles, they fulfilled certain California legal requirements that would let me sue them here. The connection to Los Angeles is also bolstered by the fact that I live here and my injury was suffered here. Of course, all of this is starting to sound like the kind of hypothetical legal conundrum that you might find on a law school exam. Problems like mine often remain hypothetical because the expense of bringing them to trial is so great, and the ability to gain any monetary relief from lawsuits is minimal. That's why the black hole providers have been able to get away with their vigilante justice for so long. For any individual user wronged by their efforts--and from what I understand, there are a lot of people in similar situations--the costs of pursuing these organizations, which are often located overseas, is too great. These groups of volunteer organizations have no assets to speak of--they are volunteers after all--and plaintiffs' lawyers are hesitant to take a case without the prospect of a lucrative damages judgment. The Case Before you think that this is all just about me and the fact that my father no longer receives any email from me, there are bigger policy implications for private individuals and companies that take steps to block connectivity. Much bigger. I've long championed the idea that the Internet should remain largely unregulated by governments. But at the same time, any private operator at an end point in the Internet's architecture can restrict the flow of content to a user. What's wonderful about the Internet is that it enables end-to-end communication from anywhere in the world to anywhere in the world. For all of the problems caused by spam, email is still the most widely used application on the Internet. So the idea that private parties could get ISPs to block some people from talking to other people should be deeply troublesome. The Danish blackhole list operators want to block access to computers that might be used for spam, but it's easy to imagine blacklists used for less noble purposes. For example, imagine that the RIAA compiled a list of IP addresses which, it contended, had at some time used peer-to-peer file sharing programs. Because these peer-to-peer systems could transmit copyrighted materials in a way that infringes on the copyright owner's rights, the RIAA could argue, those IP addresses should be blocked. It isn't difficult to imagine that the RIAA could pressure a sufficient number of ISPs into subscribing to this copyright blackhole list and blocking access to their users, or to any traffic emanating from them. Breaking end-to-end connectivity for any application, whether email or peer-to-peer or the Web, threatens the very thing that makes the Internet valuable. These are matters of principle. Which reminds me-- I have a lawsuit to file. Bret is an intellectual property and Internet attorney with Hancock, Rothert & Bunshoft. You can reach him at bret@lextext.com.

That noise you hear (0)

Anonymous Coward | about 12 years ago | (#4237632)

Is the sound of his domain being added to hundreds of private blacklists because he made a cartoony threat.

Welcome to the intranet, have a nice day.

Oh to be a Slashdot editor (1)

Paul Wright (21223) | about 12 years ago | (#4237647)

If I put "newarchitectmag spam" into Google groups, I find this thread [google.com] , where the article is demolished by various people who know vastly more about open relays than the author of the article (or, for that matter, Slashdot editors).

There's no excuse for failing to do even the most basic research before posting an article. Still, nice work if you can get it, I suppose.

Way too common (2)

Salamander (33735) | about 12 years ago | (#4237658)

I was recently a victim of this problem. A machine at my former hosting provider (JTLnet, and they were already my former hosting provider before this incident) got infected by an email worm, and started propagating to everyone in that machine's address book - which seems to've included their entire customer-contact list. Being a modern email worm, it picked one address from that address book to spoof as the source of the messages, and I was the "lucky" guy so I ended up getting all the bounce messages.

There's a lot more to the story, but it's mostly about JTLnet and it's not their faults that are relevant here. The more interesting story is the part played by Verizon (my DSL service provider). Here's a major provider to millions of people, and their mail server was set up so it would happily propagate the worm's spoofed emails. A little experimentation quickly revealed that as long as the original FROM line (the SMTP one, not the one in the header) matched my email address the message would go through, regardless of where the connection came from. Unbelievable.

There is the tiniest shred of an excuse, though. I do remember being annoyed when they shut off SMTP access from outside their network entirely, so I couldn't reply to messages received on that account while at work. However, there are other ways to deal with the problem without allowing worms to spoof email through subscribers' accounts. SMTP authentication would be the obvious solution. A web interface for subscribers to specify which hosts could send email through their account would also have stopped the worm in its tracks. There's no excuse for a provider employing that many people to take the cheesy way out.

Don't hire this guy! (1, Insightful)

Anonymous Coward | about 12 years ago | (#4237664)

Lets look at some of the things he says:

1."only I am authorized to use." Lets get this straight. I don't lock the door to my house, but I am the only one authorized to use it. I hire a security firm to test it (knowing full well that they publicize their results and what their methodology is). They test it and find it insecure. Hundreds of burglars then try to go in through my door and I sue the security testing firm.

2."For one, the Danish antispam organization falsified an email header to gain access to my mail server. Illegal access to a computer system is, if not a criminal violation, then a trespass on my private property." Of course he ignores the fact that he REQUESTED THEM TO TEST IT and they DO DESCRIBE there methods. How is a *requested* test illegal?

3."So the idea that private parties could get ISPs to block some people from talking to other people should be deeply troublesome."

4. "I haven't found any good method of blocking spam." Try CLOSING an open relay or using AUTH in order to verify that only authorized users are using your machine. That will help at least those of us getting spam relayed through you!

5. "I don't run an insecure mail server," Merely stating something does not make it so. If someone can relay mail through it, it is by DEFINITION insecure.

6. "My mail server, however, was not an open relay." Please look up the definition of an open relay, as above in #5

7. 'the spammers themselves use the lists as a kind of directory of servers to use for sending their mail." Duh.

If this guy is an IP and Internet attorney his firm is really scraping the bottom of the barrel.

Thank GOD I don't need him as an attorney.

Blacklists are problematic (5, Insightful)

Elias Israel (182882) | about 12 years ago | (#4237672)

The truth is that these home-grown spam mitigation methods do have their problems.

One of them is evident in the article: well-meaning users often do not understand what might be insecure about their server configurations, or what might need to be done to fix them. I am very comfortable with sendmail configuration, and I can tell you that setting up the authorizations correctly for mobile users to be able to send email safely is a narrow, twisty labyrinth in comparison to the big, flashing exit door marked "promiscuous relay".

Another problem in the home-grown nature of these solutions is the tendency for them to be personality-driven, instead of professional. Often, IP addresses (or even whole ISPs) are placed on blacklists because the blacklist maintainer does not mind creating a little collateral damage if they think it might create a little extra pressure on a spammer or an ISP.

Some blacklists have blocked out entire hosting companies, including some of the biggest ones on the net, simply because they did not think they acted with sufficient alacrity against spammers in their midsts. This kind of wild overkill is unfortunately too common, and perhaps it's a good argument in favor of for-profit blacklisting, which would probably exert some good influence on the question of list quality.

Earthlink rejects mail from any IP address that belongs to a dial-up pool that attempts to connect to their SMTP servers.

Ostensibly, this is done to reduce "direct-to-mx" spam, which is a very common spammer tactic. Unfortunately, it also makes life harder on the home linux enthusiast, or home business operator who might be running their own perfectly legitimate sendmail server. All part of the collateral damage in the spam wars: Internet access and Internet business are slowly becoming more expensive and possibly moving out of the reach of people with limited means.

So what should we do?

First, I think that current law against junk faxes should be extended to include junk emails. This would not eliminate spam, but it would give us the ability to correct the spammers who operate out in the open.

As a Libertarian, I want to jealously guard the right of the people to freedom of expression. But that right does not and cannot include the right to expropriate other people's time or money. You have a right to make your voice heard. You do not have a right to force me to pay for it.

Second, I think that we should be careful about the blacklists that we use, and prefer those operated by recognizable and accountable companies wherever possible.

Finally, I think that for the forseeable future, filtering at the user desktop will be necessary.

(Cards-on-the-table time: I am working on a new solution for end users to eliminate spam from their inboxes. It is based on a new method, and it will work for any user who uses a POP email account. It will be ready for public beta soon. Please write to me if you want to learn more.)

The struggle against spam is definitely picking up, and I think that a new equilibrium is approaching.

Load More Comments

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>