howto: Why I Won't Use SPEWS

agosto 08, 2003

Why I Won't Use SPEWS

silly email blacklist nazis, don't piss on our parade. Check the comparison of spews to scientology and this google cache

SPEWS.ORG is a shadowy internet organization, run by unknown people that provides IP blocklists for mail servers to use to filter out unwanted spam. SPEWS.ORG includes entire class c, b, and a subnets (ranging into the millions of IP addresses) in its blocklists if it means blocking only handfuls of spammers originating from within the subnet. Their blocklist includes entire states and entire service providers for countries ranging from Brazil to China. If you have DSL and are in Sao Paulo, Brazil you cannot send an e-mail to an administrator who is utilizing the SPEWS.ORG blocklist. To get off of the SPEWS.ORG blocklist you are told by the FAQ to post a request in either of two newsgroups frequented mainly by people not affiliated with SPEWS. When you post that you are not a spammer the people on these newsgroups will insist that it doesn't matter because you are supporting a spammer by using their hosting/service. Essentially there is no way to get off the blocklist without either switching ISPs or forcing your provider into doing whatever SPEWS demands of it, which ultimately boils down to SPEWS blackmailing people into fighting whatever ISPs they don't like.

google cache from a dead site --------

why i won't use spews

For awhile, the spam blocking rules configured in the clapper.org email server included data from the SPEWS database . However, in mid-2002, I removed use of the SPEWS database, because I believe the criteria for inclusion in SPEWS is too broad. This document explains why I no longer use SPEWS. (You're free to disagree with my position, of course, and I welcome well-reasoned, polite discourse on the topic. I will not respond to flames, though I will save--and possibly post--them.)

Regarding email blacklists

I am not against email blacklists. My mail server still uses other blacklists to screen and reject incoming mail, including a local blacklist I maintain solely for my own use. Blacklists can be a useful tool in the fight against spam. However, when using blacklists, one must balance the aggressiveness of the blacklist against the risk of rejecting legitimate messages (i.e., false positives). False positives are an unfortunate consequence of using any email blacklist; no blacklist is completely free of them. If you block email using a domain or IP blacklist, you run the risk of rejecting mail from a non-spammer. When using a blacklist, your goal should be to eliminate as much spam as possible, while minimizing the number of false positives. Those two goals are often contradictory, so using a blacklist can force you into a delicate balancing act.

No one blacklist can meet everyone's needs; different sites have different spam profiles. For instance, if you receive a lot of spam via machines in South Korea, and no legitimate email ever comes to you from that country, it might be perfectly safe for you to block all incoming email from South Korea. That same broad blocking policy is probably inappropriate for an ISP, and it's certainly inappropriate for a company that has customers in South Korea.

When using blacklists to control incoming spam, I believe the best approach is to use a local blacklist combined with several narrowly targeted blacklists. The blacklists should:
list the smallest possible set of addresses or domains necessary to accomplish the required block
have simple criteria and procedures for inclusion in and removal from the blacklist
fit well with your site's spam profile

It's especially important to be able to tailor and tune your spam blocking rules to maintain an appropriate balance between rejecting spam and rejecting legitimate email. You must be able to tune these rules on a site-by-site basis. Relying solely on someone else's spam-blocking policies is simply a bad idea.

SPEWS fails to meet those basic criteria.

"It's okay if innocent bystanders get caught in the crossfire."

There's no question that SPEWS is effective. It certainly managed to block spam that my other spam blocking rules did not catch. However, an SMTP server that uses the SPEWS data to block incoming email may also be blocking a surprising amount of legitimate, non-spam email. The SPEWS FAQ acknowledges this problem:

Q16: I'm not a spammer or spam operation... heck I hate spam, but my email is getting bounced by someone using SPEWS, or I can't access a website due to SPEWS based blocking.

A16: You maybe part of the rare "inadvertent blocking" that can occur when a spam friendly provider is listed in spews. Your best option is to try and educate your provider or switch to one who is not listed in SPEWS as spam friendly. SPEWS aims to avoid listing any non-spammer or non-spam support areas if possible - we just want to stop spam.

However, the FAQ is disingenuous here: It seems that part of the strategy of those who maintain SPEWS and those who use its data is to deliberately cause inadvertent blocking (which SPEWS previously called "collateral damage"). By inconveniencing non-spamming customers of spam-tolerant (or merely slow-to-respond) ISPs, the SPEWS enthusiasts apparently hope to bring economic pressure to bear on those ISPs. See, for instance, this article , posted to the news.admin.net-abuse.email newsgroup; in it, the author states, "it's called 'targeted economic pressure.' Only innocent victims would be collateral damage." The author of that article has conveniently redefined "innocent" to exclude anyone who happens to have an address within a blocked IP range.

As it turns out, I don't really have a philosophical problem with that approach, when it's applied by individuals. An individual is free to block access to his email in whatever manner he sees fit. I am free to configure my SMTP server or my mail reader however I choose. It's my computer, after all; I can put up as many "No Trespassing" signs as I wish. But the situation becomes murkier when the entity applying the block is an ISP that has made contractual arrangements with paying customers for email delivery. Many ISPs implement blanket spam-blocking policies without informing their customers of those policies or making any provisions for individual customers to customize the spam-blocking behavior. When those invisible spam-blocking measures include the use of SPEWS, the ISP will often block incoming mail from many non-spammers whose netblocks happen to be listed in SPEWS.

As the above news.admin.net-abuse.email shows, some SPEWS adherents rationalize inadvertent blocking by demonizing the victim. A non-spammer caught in the net isn't "innocent," because he is "knowingly" buying service from an ISP that supports, or at least doesn't actively quash, spammers. This news.admin.net-abuse.email article is another good example of that sentiment. In it, the author writes, "How can you claim to be 'collateral damage' when you are paying money to an upstream provider who supports spamming activities on their network? The money you pay them helps put turds in my inbox. So I don't see you as an innocent victim of SPEWS. Instead, I see you as a menace." This logic is roughly equivalent (in concept, though certainly not in scope) to justifying the bombing of innocent cilivians by saying, "It's necessary to bomb such a large target to put an appropriate level of pressure on their government. Besides, they're not really innocent; after all, they chose to live in that country." Another twist on this reasoning can be found in this newsgroup article . The author essentially argues collateral damage is okay, because an affected innocent bystander will either (a) leave the provider (retaining his "innocent" status) or (b) stay, knowing that he is supporting a "bad" ISP, which renders him no longer innocent.

This line of reasoning is overly simplistic. Despite what SPEWS fans argue, it's not always possible to determine ahead of time that an ISP hosts--or might, in the future, host--someone the SPEWS maintainers decide is a spammer. It's certainly possible to check out the ISP's Acceptable Use Policy, to determine its stance on spamming; however, it can be difficult to determine how well that ISP enforces that policy.

Also, like it or not, it's not always simple or straightforward for people or small businesses to switch ISPs. There are contractual and business issues that may prevent an innocent bystander from switching ISPs. Consider this scenario: Company A establishes a contractual relationship with an apparently responsible ISP and buys (well, rents) a block of IP addresses. Sometime later, the ISP plays host to a spammer and fails to terminate the spammer's relationship quickly enough for the SPEWS maintainers, who add some of the ISP's netblocks to the SPEWS list. Company A's netblocks happen to be in the range of blocked IPs. Because of the large number of organizations subscribing to SPEWS, Company A now finds that a considerable percentage of its outgoing email is blocked. Company A is now faced with the choice of fighting with its ISP (and enduring sporadic blocking of outgoing email while doing so) or switching providers, which has real economic impact.

If you think that situation is farfetched, here is one case where it has happened. Halliburton Systems is a small software consulting firm started in 1982 by Steve Halliburton . Halliburton's company was recently caught in the SPEWS net; with his permission, I've included some excerpts from an email exchange I had with him.

Excerpt #1:

Our address block is 63.220.34.0/24 and is contained within a larger block allocated originally to Cais Internet, later bought out by Ardent Communications. According to the SPEWS "evidence file" number S1352 the entire block 63.220.32.0-63.220.38.255 has been listed because of their displeasure with Cais' handling of an outfit called "fancypleasure" which seems to be located at 63.220.35.98-100.

There is no claim that there has been any problem involving our address block, only that we happen to inhabit the address space originally allocated to Cais. I fail to see that blocking our email has anything to do with their problem either with the "fancypleasure" people or with Cais/Ardent.

In their FAQ, SPEWS says, in effect, that our choice is either to spend our time/money/effort fighting with Cais or move to another ISP. ... Moving is not a simple prospect given that we have long-term contracts and have large complex systems that depend on the IP addresses we have used from our block. Aside from contractual penalties that would result from our moving, our contract is at a favorable price compared to current prices because it is older, so our monthly cost would go up considerably. We would also have to spend time and money making the change, operating two connections in parallel during the switch-over period, and so on.

Excerpt #2:

We have had several cases where our customers have not been able to receive an email service for which they pay us due to ISP filtering using SPEWS. None of these ISPs has made anything other than a token "get lost" response to my complaints.

Excerpt #3 (which describes an interesting reversal of the "collateral damage" economic pressure disincentive):

... The problem I have is with large ISPs who filter their users' email, often without telling them. ...

I received an email this morning asserting the right of an ISP to do exactly that; this was a case where their customer was paying us to send him some information in an email and he wasn't getting it. The ISPs answer to us was "tough luck". When our customer called and told the ISP he was dropping their service, things changed a bit. It turns out our customer had no idea the ISP was filtering anything, let alone our emails and he was quite annoyed. They now say they can "allow" the customer to receive our emails but he was so angry about this that he is switching anyway. I hope my efforts may have this effect elsewhere; here is irony in action: SPEWS causes those who use it to lose business.

The logic SPEWS adherents use to justify this collateral damage is apparently becoming more widespread. See, for instance, some of the following accounts:
Magdalena Donea posted a letter to Declan McCullagh's Politech mailing list, describing her own run-in with SPEWS. You can find her letter at http://www.politechbot.com/p-03741.html .
Noted Princeton professor and security researcher, Ed Felten , posted a couple of articles to the well-regarded Risks Forum , describing some problems he has had with the popular SpamCop service. The articles are at http://catless.ncl.ac.uk/Risks/22.19.html#subj7 and http://catless.ncl.ac.uk/Risks/22.21.html#subj4 . The second article contains responses Felten received from his first article; some of those responses contain the exact same logic SPEWS adherents use. Felten's rebuttals are interesting to read.
The Politech mailing list itself has been blocked by SpamCop more than once, an apparent innocent bystander in SpamCop's attempts to apply economic pressure on Declan McCullagh's ISP. To read one of McCullagh's accounts of his travails with SpamCop, check out http://www.politechbot.com/p-04121.html . There are some interesting follow-ups at http://www.politechbot.com/p-04126.html ,http://www.politechbot.com/p-04129.html and http://www.politechbot.com/p-04132.html .

It can be very difficult to get a netblock removed from SPEWS

Once a netblock is in the SPEWS database, it can be difficult and time-consuming to get it removed. SPEWS is not a formal organization; it is comprised of an undisclosed group of people who are surprisingly difficult to contact. There are no direct email contacts for the maintainers of the SPEWS data, and determining the identities of the SPEWS maintainers is a nontrivial task. No one will publicly admit to being one of the SPEWS maintainers.

The anonymity of the SPEWS maintainers makes a certain amount of sense, for them. Other blacklists (notably, MAPS ) have found themselves in the middle of time-consuming and expensive legal battles in the past. The SPEWS maintainers clearly seek to avoid that particular distraction. However, their anonymity means you cannot contact anyone official if you have a complaint about an item in the SPEWS database.

The SPEWS FAQ addresses this issue. It suggests posting a message to the news.admin.net-abuse.email newsgroup; however, it also notes (in more than one place) that doing so may not help. Here's a quote from SPEWS FAQ item A41:

Note that posting messages in these newsgroups & lists will not have any effect on SPEWS listings, only the discontinuation of spam and/or spam support will.

In other words, it doesn't matter if you're caught in the crossfire. Until your ISP reforms to SPEWS' satisfaction, you're unlikely to get any response (other than, perhaps, verbal abuse) by posting your message to that newsgroup--and posting to the newsgroup is your only hope of getting your netblock delisted.

SPEWS disclaims responsibility for its own data

The SPEWS position, frequently repeated in the news.admin.net-abuse.email newsgroup, is that SPEWS is just a set of published "opinions." Whether an ISP chooses to agree with those opinions (i.e., use the blocklist) or not is really the ISP's business. The SPEWS maintainers essentially disclaim responsibility for the data they publish. Consider these entries from the SPEWS FAQ :

A10: ... SPEWS is a list of areas of the Internet that some people do not wish to communicate with. Think of it as one group's Consumer Reports review of portions of the billions of Internet addresses. These are the ones SPEWS members have a poor opinion of. SPEWS is not anti-commerce and fully supports the USA's First Amendment and other nation's free speech protections. In fact, the USA's Supreme Court agrees with the SPEWS view. The creators of SPEWS are its main users and who it was designed for, if others decide to also use its data, they are exercising their own rights. No one is forced to use SPEWS.

A12: ... SPEWS is just an opinion report, used by some to filter Internet traffic, others to read for amusement, it was not created, intended, or used to libel or defame anyone.

A17: Unlike other block-lists, SPEWS does not take submissions or nominations. Entries in SPEWS are made by the people who run SPEWS for their own blocking and filtering needs. It is provided to the rest of the Internet as an educational tool, or an opinion to use if anyone wishes.

Unfortunately, that argument doesn't really hold water. SPEWS isn't merely "publishing an opinion." The SPEWS maintainers are compiling a database of alleged spammers, a database they know is used by numerous ISPs to block incoming email messages. Every time a SPEWS maintainer puts a netblock into the SPEWS database, he knows that the entry will cause numerous ISPs to block messages from any machine with an address in that netblock. Disclaiming responsibility for the accuracy of the data doesn't absolve the SPEWS maintainer of responsibility for the consequences of adding the entry to the SPEWS database.

Above, I mentioned Ed Felten 's rebuttal to some SpamCop adherents' arguments. One of those rebuttals addresses this issue:

Argument 3: SpamCop is just a clearinghouse for spam complaints and simply routes complaints that could have been sent even in the absence of SpamCop.

. . .

My response: SpamCop does more than just forward complaints. It anonymizes the complainant's address, thereby making it harder for the ISP receiving the complaint to judge the complaint's credibility. SpamCop puts the complaint on the Web for others to see. And SpamCop tries to find patterns among its complaints, and adds addresses to its block list based on these patterns. All of these factors contributed to my dilemma.

If SpamCop were merely a complaint router, then SpamCop would be ineffectual. It is SpamCop's "value added" that caused me trouble.

Argument 4: Blame the person who erroneously reported the "spam," don't blame SpamCop.

. . .

My response: This is really just a variant of Argument 3, and fails for the same reasons.

SpamCop is ultimately responsible for its reporting, too. The 911 analogy doesn't apply, since the phone company merely receives the report but SpamCop repeats reports and amplifies them. SpamCop took what would otherwise have been a private report, to be dealt with between the reporter and my ISP, and posted it for the whole world to see. And it gave the report increased credibility and force.

(See http://catless.ncl.ac.uk/Risks/22.21.html#subj4 for Felten's complete article.)

There's another logical inconsistency in the SPEWS argument. Applying "targeted economic pressure" (in effect, a boycott) only has a chance of working when a large group joins the boycott. The SPEWS maintainers may claim that they only maintain the database for their own use, but if that were true, the stated aim of applying pressure on "offending" ISPs would be a pointless exercise. That kind of pressure only works when a large number of people are using the SPEWS database. In other words, there's no point putting broad netblocks in the database if the database isn't used widely; the SPEWS maintainers rely on the widespread use of the database to apply pressure on ISPs that host spammers.

Conclusion

The SPEWS block list is too broadly targeted. Its overly-broad blocking policy significantly raises the risk of false positives; for that reason alone, I cannot justify using it. Worse, the rationalizations for that policy are typically disingenuous and self-serving. I cannot, in good conscience, use a blocklist whose maintainers deliberately raise the risk of false positives, while justifying their actions with what I consider to be suspect reasoning. I just want to reduce the amount of spam coming into my system; I don't want to join a witch hunt that doesn't mind occasionally hanging innocent people.

Links to Other Relevant Information
http://www. antispews .org/
There appears to be a small, but growing backlash against SPEWS. In October, 2002, a group calling itself " AntiSPEWS " registered the domain antispews .org and put up a web site that states, "Our mission is to get companies to stop using SPEWS as a filtering source because using SPEWS blocks legitimate e-mail from being read by its intended recipients."

original post ---------

This is a personal issue now for the staff of Something Awful because on July 20th SPEWS.ORG added a fat chunk of a class b subnet being hosted by our provider (Cogent Communications/New Horizons) to their blocklist. This fat chunk happened to include Something Awful, meaning that roughly 10-20% of our outgoing e-mails would bounce. This is a pretty major problem when you consider that registering a SA Forums account requires an email confirmation, and when users fail to get this confirmation because SPEWS has blocked it, they complain to us , and we have no way to explain why they're not getting our emails because, hey, they can't get our emails. One look at their newsgroup told us what the response would be from SPEWS when we requested that they whitelist us; they wouldn't. Those of you who have been reading Something Awful for a considerable length of time might remember that around two years ago Something Awful could not stay on a host for more than a month or two. We were shuttling from ISP to ISP and dumping money down holes that often ate that money and closed completely. At one point we even pre-paid for three months of hosting at one provider and received no service, the host just disappeared off the face of the planet. When we signed on for Cogent we expected the same but were pleasantly surprised to find relatively decent tech support, uptimes, and best of all, a colo facility near to some of our techs who could go on site if need be.

My penis just can't get big enough. It's like eighty feet long after buying into all these transparent enlargement scams.
On an average month Something Awful's servers move over 4 terabytes of information. When you tell John Q. ISP that you need a 100mbit dedicated connection and the ability to shift 4+ terabytes a month downstream he will shit his pants. I know; I cold called about a dozen feasible ISPs years ago when we were looking for a solution to our problems and most did not return my call requesting a quote either because they thought it was a joke or because they knew they couldn't handle it. On top of this what few hosts did return our calls tended to have outrageously expensive prices. We do not live high on the hog here at SA, we have a revenue stream and it's healthy, but we cannot afford most premium collocation services. The whole "free entertainment industry" doesn't really fork out the big bucks.

After being on the SPEWS blocklist for over two weeks I suggested on our forums that the users head on over to the two newsgroups frequented by SPEWS and take advantage of the free newsgroups generously provided to us. Childish? Probably, but we've never been ones to deal with problems and leave our sense of humor behind. Naturally the arrival of over 1500 off topic posts on the SPEWS newsgroups was not well received and our servers were promptly DDoSed while I was signed up for about 100 spam e-mail lists in the span of five minutes. The irony of both of these incidents wholly escaped the SPEWS advocates who claimed it was no doubt some spammers lurking on their newsgroups or even our own users trying to give them a bad reputation. Personally, I don't think spammers or SA users need to do much to earn SPEWS a bad reputation, I think anyone who has dealt with SPEWS knows that it blocks nearly as much legitimate e-mail as it does spam. In fact I received dozens of e-mails from network admins working for companies large and small who said exactly that with most also emphasizing that "only a lazy idiot" - to quote one of the e-mails - would use the SPEWS listing on their network.

Awesome! My FREE PASSWORD IS HERE!
I'm not so sure about that, as funny as it seems to me now. I think a lot of network admins are simply ignorant of the damage SPEWS can do to their company and their users, which is why I am writing this piece. SPEWS provides a blocklist with zero oversight, zero accountability, and zero recourse for average users caught between their ISP and SPEWS.ORG's moral crusade. SPEWS will tell you that you in fact do have recourse and that is to switch ISPs. For Something Awful that is not economically feasible, for users in the nation of Brazil where their entire broadband provider has been blacklisted that is impossible. In addition to all this most of the SPEWS advocates on the newsgroups we so unceremoniously invaded demonstrated a willingness to add IP ranges to their own blacklists and potentially SPEWS for petty personal reasons. Complain about how SPEWS operates? Get added to the blacklist, often permanently, while they pretend that it somehow makes your situation worse.

I personally found the church of Scientology's lawyers a lot scarier than a bunch of arrogant nerds on Usenet, and we sure as hell didn't back down from them. In fact I find SPEWS.ORG's ham-fisted approach to fighting spam eerily similar to the Church of Scientology, so much so that I think it's time for a little compare and contrast.

There are a number of sites devoted to exposing SPEWS.ORG for the travesty and complete madness that it is. While I would love to do nothing more than devote Something Awful wholly to the cause of seeing SPEWS.ORG rendered obsolete and pointless we have a business to run and can't spend all day playing in the nerd sand box with the Usenet cretins. If you would like more evidence I would suggest you check out one of the following sites:
Spews Linked to Spammers
An overly insane but interesting anti-SPEWS site
A Google Cache of one of several anti-SPEWS sites driven under by SPEWS and its cronies
A Register article on the fight against SPEWS
A great Chicago Tribune article on the damage spam-blocking can do
A similar ZD Net article about the same topic
Yet another article about out of control anti-spam policies
Oh, but I am nowhere near done yet. After digging through those sites I did some digging of my own and discovered a number of fun facts about SPEWS and the shadowy cabal behind it.

A Body Thetan is unleashed after you beat it up and it flashes red and gets bigger.
FUN FACT NUMBER ONE: Usenet advocates of SPEWS write anti-spam erotic fanfiction. You thought nothing could top those Pretender/Stargate SG-1 slash crossovers you've read, well time to reconsider. Keep in mind that every single one of them combines sadism with a healthy dose of self insertion. Here's a sample from "Dalliance Hosting" by Peterp@linux-superhost.com.
Sara rang the doorbell nervously. She couldn't believe that just yesterday she had been sending out bulk e-mails promoting her webcam. Now that she had seen the truth she wanted nothing more than to show her gratitude to Peterp however he demanded.

"Kneel before Fenris," said the leather clad man who answered the door.

She obeyed him and he attached a leash to her neck.

"Now you shall service my mighty staff," he sat in a Stanheyser ergonomic leather executive chair, his legs spread, and he unbuckled the clasp on his codpiece.

She was in awe of the sheer size, she had never seen a doohickey so big and as her lips parted to touch his thingy she could hear the cronjobs clicking softly away in the background. They were a hypnotic lull.

"Yes Sara," murmured Fenris/Peterp, "soon you will be mine entirely."

His thing was really, really big. Like at least twenty inches.
I don't know about you but if I had a gasket you could consider it fully blown. I don't think I even have to tell you how much steam is emerging from my starched collar as I pull it away from my neck with my index finger!

FACT NUMBER TWO: SPEWS.ORG was founded and financed by seven men in Southern Russia who formed a sort of commune near the Caucuses. All of them were wealthy American expatriates who fled the country for child molestation in the early nineties. From their bizarre cult-like home they founded two newsgroups and their supposedly anti-spam system in an effort to slowly erode e-mail traffic on the internet until only their own private server remained unblocked. Once every other server on the internet is shut down the seven men plan to begin spamming all e-mail addresses around the world with advertisements for their "Preteen Russian Brides" service. Desperate to receive any e-mail whatsoever, nerds will finally embrace the cause of child molestation completely and the seven will return to America as conquering heroes.

FACT NUMBER THREE: Network admins who use the SPEWS.ORG blocklist are seven times more likely to die unloved and alone than those who either use no blocklist or one of many less draconian SPEWS alternatives.

FACT NUMBER FOUR: Network admins who use the SPEWS.ORG blocklist are thirty eight times more likely to attempt to hot glue a realistic latex vagina to a skateboard and call it by their mother's first name will having intercourse with it than those who either use no blocklist or one of many less draconian SPEWS alternatives.

FACT NUMBER FIVE: One in three people who have permanently blacklisted someone for complaining that SPEWS is unfair have also been arrested for attempting to coerce sex from zoo animals. Nine out of ten of these people have also been imprisoned for failure to pay child support to sea turtles.

Your average SPEWS user.
FACT NUMBER SIX: The anti-spam people on the SPEWS related newsgroups don't just post social security numbers and credit card numbers of suspected spammers, they also post photos of suspected spammers going to the bathroom. That doesn't seem that bad until you realize that they could not have possibly had a camera there, bringing me to the next fact.

FACT NUMBER SEVEN: Proponents of SPEWS to a man worship dark powers and perform occult rituals in the privacy of the basement apartments they are renting from their parents. SPEWS supporters have also participated in no less than 800 leprechaun abductions over the past decade and it is suspected that they can astral project.

FACT NUMBER EIGHT: If you run a network with any significant number of people using the SPEWS blocklist will cause them to be murdered one after another by a mysterious black cloaked vigilante called The Night Shadow. No matter how hard you attempt to track him down he will always be one step ahead and will taunt you by posting photos of the victim on hot-or-not and then e-mailing you through anonymous proxy.

FACT NUMBER NINE: One thousand monkeys on one thousand typewriters are significantly better at differentiating spam from legitimate e-mail than SPEWS is. In fact SPEWS is so horrible that tests run at our Loc Cruces facility indicated Wil Wheaton's severed hand, while completely motionless, is still better at picking legitimate e-mails out of blocked spam.

FACT NUMER TEN: SPEWS supporters are intensely interested in Dungeons & Dragons but they make really shitty players because they always power game barbarians and roleplay their characters by screaming whenever the dungeon master is describing a monster. They also keep up constant pressure to have adventures revolve around rescuing unconscious female elves and demand first pick on all treasure. Hey, don't look at me like that, I'm just telling you what I found out.
That's all fun and games but the bare fact is that a lot of sites you may or may not enjoy have run into trouble with SPEWS and may still be blacklisted by them. I'm sure if it wasn't written in stone already this update has pretty much guaranteed Something Awful's permanent entry into the SPEWS hall of fame. Worth 1000 is also currently in an IP range being listed by SPEWS, Fark has been in the past, and some day your server may be blocklisted too. Getting off that list may be as easy as tracking down one spammer on your own private network, or it could be a task that leads to your business going bankrupt. Hell, your network may even clean up their act but SPEWS might just have a grudge against it and decide to never whitelist it.

We're on the list probably forever, and that doesn't really bother me since thanks to support from web sites who know about the crap we've gone through in the past we can now wholly ignore SPEWS blacklisting. That doesn't lessen my determination to put a stop to this mysterious geek cabal, because your server or ISP might show up on that list next. Boycott SPEWS if you make network admin decisions, boycott companies that use SPEWS if you're in the market for an ISP, and most importantly inform yourself about the anti-spam techniques your ISP is currently using. You vote with your money in the market so use it to vote against SPEWS.

Posted by skp at agosto 08, 2003 10:41 AM | TrackBack

Comments