Path: uni-berlin.de!fu-berlin.de!headwall.stanford.edu!newsfeed.stanford.edu!postnews1.google.com!not-for-mail From: a_s@softhome.net (Anatoly Sennov) Newsgroups: news.admin.net-abuse.email Subject: SPEWS : S2407 Date: 29 Jan 2003 22:34:28 -0800 Organization: http://groups.google.com/ Lines: 14 Message-ID: <5344dc83.0301292234.32d7854f@posting.google.com> NNTP-Posting-Host: 217.107.191.9 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit X-Trace: posting.google.com 1043908468 16341 127.0.0.1 (30 Jan 2003 06:34:28 GMT) X-Complaints-To: groups-abuse@google.com NNTP-Posting-Date: 30 Jan 2003 06:34:28 GMT Xref: uni-berlin.de news.admin.net-abuse.email:1910396 Hello, (repost, the yesterday post didn't make it through the Google) I am the system administrator of k2s.ru. Today I've found that the IP range 213.59.173.0 - 213.59.173.255 is in the spews.org's list. Our mail server operates under IP address 213.59.173.125 (k2s.ru) so our email users are being suffered. The SPEW's evidence file (S2407) lists the mx100.permissionemails.com ([213.59.173.110]), not us and we have no relation to that host. We're not spammers, SPEW didn't send us any abuse@ letter, please exclude our host from the list. --Anatoly Sennov (anatoly at k2s.ru) k2s ltd === Another post === Path: uni-berlin.de!fu-berlin.de!headwall.stanford.edu!newsfeed.stanford.edu !postnews1.google.com!not-for-mail From: a_s@softhome.net (Anatoly Sennov) Newsgroups: news.admin.net-abuse.email Subject: Re: SPEWS : S2407 Date: 30 Jan 2003 06:11:33 -0800 Organization: http://groups.google.com/ Lines: 51 Message-ID: <5344dc83.0301300611.4dcf546d@posting.google.com> References: <5344dc83.0301292234.32d7854f@posting.google.com> NNTP-Posting-Host: 217.107.191.54 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit X-Trace: posting.google.com 1043935893 20803 127.0.0.1 (30 Jan 2003 14:11:33 GMT) X-Complaints-To: groups-abuse@google.com NNTP-Posting-Date: 30 Jan 2003 14:11:33 GMT Xref: uni-berlin.de news.admin.net-abuse.email:1910517 Sam wrote in message news:... > Not exactly. > The SPEWS evidence file lists smolensk.ru, for the affected netblock: > 1, 213.59.172.0 - 213.59.174.255, smolensk.ru (mx100.permissionemails.com) > ^^^^^^^^^^^ > > have no relation to that host. > > Yes, you do. You are hosted by smolensk.ru Not correct. We use their collocation service. They leased us IP, gave Ethernet port and we pay for the pipes. They simply cannot command us what to do with our own server and our own traffic as long as we pay the bills and don't break our country's laws. > > > We're not spammers, > > SPEWS is not a list of spammers. > > SPEWS lists entire network providers that refuse to terminate their > spamming customers. Thus (jointly with dumb mail server admins) effectively blocking the communications between innocent users (and content providers). > > please exclude our host from the list. > > Why? What makes smolensk.ru so special that they should be permitted to > allow their spamming customers to crap into everyone's mailboxes?? Methink it's the user who should decide if (s)he wants that crap or not. Not the smartass admins from nowhere thinking: I'm a God and they all are BAD. I've read some articles in this newsgroup and found that the most crushing argument is "these lists are our own opinion and noone is forced to use them". The only thing forgotten - it's the admin who's not forced, not the user. When admin blindly configures the blacklist lookup for his MTA he forces all his users to be bound by the SPEWS's policy. spews.org advertizes the usage of lists but doesn't clearly explain (for dummies) the consequences of such usage, i.e. that NOT ONLY bad guys will be filtered out. > If smolensk.ru wants to be delisted by SPEWS, they need to shut down their > spammers. Go bitch to them. I've contacted them. Hope this issue will be resolved. --Anatoly Sennov k2s ltd === My reply === Path: uni-berlin.de!cust-62-219-88-92.cust.bezeqint.NET!not-for-mail From: Dolphin Newsgroups: news.admin.net-abuse.email Subject: Re: SPEWS : S2407 Date: 30 Jan 2003 21:35:22 GMT Organization: Private person Lines: 125 Sender: Alexander Sheremet Message-ID: References: <5344dc83.0301292234.32d7854f@posting.google.com> <5344dc83.0301300611.4dcf546d@posting.google.com> NNTP-Posting-Host: cust-62-219-88-92.cust.bezeqint.net (62.219.88.92) X-Trace: fu-berlin.de 1043962522 35389803 62.219.88.92 (16 [104765]) X-SPEWS: I am not X-newsgroup: news.admin.net-abuse.email X-PGP-key: 0xAAE2A579 X-PGP-key-fingerprint: 5B8E 3B28 7199 8CD3 4133 FA87 000B 0FB6 AAE2 A579 User-Agent: slrn/0.9.7.4 (Linux) Xref: uni-berlin.de news.admin.net-abuse.email:1910828 On 30 Jan 2003 06:11:33 -0800 Anatoly Sennov wrote in message <5344dc83.0301300611.4dcf546d@posting.google.com>: > Sam wrote in message news:... > >> Not exactly. >> The SPEWS evidence file lists smolensk.ru, for the affected netblock: >> 1, 213.59.172.0 - 213.59.174.255, smolensk.ru (mx100.permissionemails.com) >> ^^^^^^^^^^^ >> > have no relation to that host. >> >> Yes, you do. You are hosted by smolensk.ru > > Not correct. We use their collocation service. They leased us IP, gave > Ethernet port and we pay for the pipes. They simply cannot command us > what to do with our own server and our own traffic as long as we pay > the bills and don't break our country's laws. They well-damn can command you what to do with *THEIR* IP. When they lease their IP to you, they also tell you how you can and how you can not use it. If you violate their rules, they can (and should) take their IP back. >> > We're not spammers, >> >> SPEWS is not a list of spammers. >> >> SPEWS lists entire network providers that refuse to terminate their >> spamming customers. > > Thus (jointly with dumb mail server admins) effectively blocking the > communications between innocent users (and content providers). Yeah, so the smartass admins like you will stay blocked for not knowing how Internet works. Go ahead, piss off more admins. They will sure not block your network from ever reaching their ones (yeah, sure!). >> > please exclude our host from the list. >> >> Why? What makes smolensk.ru so special that they should be permitted to >> allow their spamming customers to crap into everyone's mailboxes?? > > Methink it's the user who should decide if (s)he wants that crap or > not. Really? When from it's *users* that own those networks, and not the people who run networks, buy new hardware, that they own? Communism is long time in the past, it's time to get used to such things as a "private property" already. > Not the smartass admins from nowhere thinking: I'm a God and they > all are BAD. The owner of a network *is* a "God" for it. By the private property rules. The owner of a network is free to do anything they want, and call whoever they want as being BAD. > I've read some articles in this newsgroup and found that > the most crushing argument is "these lists are our own opinion and > noone is forced to use them". The only thing forgotten - it's the > admin who's not forced, not the user. The user has no word in how the owner of a network runs it. If a user does not like the rules of that network, they are *free* not to use it. Nobody forces them to stay and use it. > When admin blindly configures > the blacklist lookup for his MTA he forces all his users to be bound > by the SPEWS's policy. The admin owns his network. The admin sets up any rules they wish. By signing up the contract, users agree with these rules. Nobody forces users to sign up the contract they don't agree with. http://www.spews.org/faq.html Q19: I've found that my ISP/Host/etc. is using SPEWS to block/filter email and I don't like that! A19: You can ask them if they are able to just "tag" the incoming email as possible spam instead of bouncing it. If they are unable to do this, we are sure there are plenty of ISPs/Hosts/etc. who do not use SPEWS and would welcome you as a customer. > spews.org advertizes the usage of lists but doesn't clearly explain > (for dummies) the consequences of such usage, i.e. that NOT ONLY bad > guys will be filtered out. Any dummy who can read, will clearly see this, by reading SPEWS FAQ: http://www.spews.org/faq.html Q27: If I use SPEWS, is there an chance that non-spam email will be blocked? A27: Yes. If you rely on the information supplied by SPEWS (or almost any block-list), you have chosen to reduce your email connectivity and refuse email from certain sources based on the information we list. We do not warrant that the information we provide is complete or accurate - how you choose to use it is up to you. Any dummy who is dumb enough *not* to see this, has only themselves to blame for the consequences. SPEWS is not a babysitter for them. >> If smolensk.ru wants to be delisted by SPEWS, they need to shut down their >> spammers. Go bitch to them. > > I've contacted them. Hope this issue will be resolved. > > --Anatoly Sennov > k2s ltd It was the only line you had to post. But by insulting quite a lot of admins you have only reduced the connectivity that you had before they have dropped your network into their local deny tables. As they say: "Enjoy your intranet". Dolphin. -- URL: http://www.DolphinWave.org Mail: on the web page (no spam) ICQ: 6615461 === k2s ltd replies === Path: uni-berlin.de!fu-berlin.de!headwall.stanford.edu!newsfeed.stanford.edu !postnews1.google.com!not-for-mail From: a_s@softhome.net (Anatoly Sennov) Newsgroups: news.admin.net-abuse.email Subject: Re: SPEWS : S2407 Date: 31 Jan 2003 00:50:45 -0800 Organization: http://groups.google.com/ Lines: 107 Message-ID: <5344dc83.0301310050.24ee5937@posting.google.com> References: <5344dc83.0301292234.32d7854f@posting.google.com> NNTP-Posting-Host: 213.59.173.48 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit X-Trace: posting.google.com 1044003045 16881 127.0.0.1 (31 Jan 2003 08:50:45 GMT) X-Complaints-To: groups-abuse@google.com NNTP-Posting-Date: 31 Jan 2003 08:50:45 GMT Xref: uni-berlin.de news.admin.net-abuse.email:1911237 JHiggins@Polarbay.com (Jeff Higgins) wrote in message news:... Dolphin wrote: > They well-damn can command you what to do with *THEIR* IP. When they lease > their IP to you, they also tell you how you can and how you can not use it. > If you violate their rules, they can (and should) take their IP back. If I would spammer I'd ask: "How sending email may violate my ISP rules ?" You think that if it is spam for you than it is spam for everyone in the world ? You're wrong. When I receive the drug pill ads I firstly try to unsubscribe, then go to my service provider (it's me :-) and ask him to take measures - block it for *me*, not any other user of our server. Maybe they want to receive such letters, or search for the elixir of life - I don't know, it's their business. Yes, we pay them for our traffic, and they pay to RosTelecom for their's. So why not list all of the RosTelecom networks and all their subISPs ? They all pay to each other. MB wrote: > If you own the netblock you wouldn't be blocked, but you don't because > they're your ISP. In other words: pay for C network and you'll be safe ? Some kind of racket, IMHO. We may buy the C class network and they still will be our ISP (our commercial relationships will not change, except one line in the contract) but we only need 4 IP's, why buy more ? Jeff Wynn wrote: > In the corporate environment, this choice can be deliberate, and > made by management. In the ISP business, customers are asking for, > and getting this type of DNSbl. Finally, the choice by a business to > use SPEWS is *never* "blind". So you were saying? It's the truth, but not all of it. In the corporate env, the Big Boss comes to admin and says: "I want that shit no more!", "OK" - says admin - "It's as easy as to uncomment 3 lines in config and we will be perferctly clear of that shit, so said in docs, amen." After the month the Big Boss comes again - "My virtual lover deserted me - no single letter in more than 3 weeks, and in addition we've lost some of our customers !" In the free mail service they think: "Let's cut the spam - it doubles our incoming traffic we pay for." And user suddenly stops to receive letters - "He won't talk to me, moron! What the f*ck is going on?" - they "just forget" to explain to users how the service had changed. (BTW, I've got two such letters while typing this article, one from my correspondent and one from my user). Jeff Wynn wrote: > Didn't read the FAQ, did you? Robert Myers wrote: > Q27: If I use SPEWS, is there an chance that non-spam email will be blocked? I did. I meant that it should not be just Q**27** of the **FAQ**. It should be the very first phrase on the spews.org. Preceded by

Think before you will use this.

. After all, who the hell do read the FAQ up to Q27 (except me :-) ? MB wrote: > The world is full of stupid people, there for "we" should not use/create > black lists because stupid people might use them? You may do whatever you deem useful, but must be aware that stupid people will use it in the worst possible manner. May be it worth to maintan the list of "best practices" for use of SPEWS or other such list. I mean, right on the spews.org/filter.html Dolphin wrote: > Yeah, so the smartass admins like you will stay blocked for not knowing > how Internet works. Go ahead, piss off more admins. They will sure not > block your network from ever reaching their ones (yeah, sure!). Such admins should remember that their customers are the ones who finally pay for their new hardware toys. > When from it's *users* that own those networks, and not the > people who run networks, buy new hardware, that they own? Communism > is long time in the past, it's time to get used to such things as a > "private property" already. Please, don't use the words you not fully understand. For me, the SPEWS, ruled by anonymous admins, maintaining blacklists of "evil" networks, advertizing the self-isolation is more perfect match to communism. But your users pay you for connectivity and freedom of relations. Jeff Higgins wrote: > > Oh Anatoly ..... this isn't helping .... > > Received: from mx100.permissionemails.com ([213.59.173.110]) b Did you complain to smolensk.ru ? How ? What did they answer ? Or you just listed them automatically ? And we are automatically evil too because we just use the IP from the "evil" range ? Isn't something wrong with your ethics ? I'm not angry, just curious. --Anatoly Sennov k2s ltd === My reply === Path: uni-berlin.de!cust-62-219-88-92.cust.bezeqint.NET!not-for-mail From: Dolphin Newsgroups: news.admin.net-abuse.email Subject: Re: SPEWS : S2407 Date: 31 Jan 2003 14:14:37 GMT Organization: Private person Lines: 270 Sender: Alexander Sheremet Message-ID: References: <5344dc83.0301292234.32d7854f@posting.google.com> <5344dc83.0301310050.24ee5937@posting.google.com> NNTP-Posting-Host: cust-62-219-88-92.cust.bezeqint.net (62.219.88.92) X-Trace: fu-berlin.de 1044022477 35311529 62.219.88.92 (16 [104765]) X-SPEWS: I am not X-newsgroup: news.admin.net-abuse.email X-PGP-key: 0xAAE2A579 X-PGP-key-fingerprint: 5B8E 3B28 7199 8CD3 4133 FA87 000B 0FB6 AAE2 A579 User-Agent: slrn/0.9.7.4 (Linux) Xref: uni-berlin.de news.admin.net-abuse.email:1911322 On 31 Jan 2003 00:50:45 -0800 Anatoly Sennov wrote in message <5344dc83.0301310050.24ee5937@posting.google.com>: > If I would spammer I'd ask: "How sending email may violate my ISP > rules ?" And if you want your e-mail to be *delivered* to the recipient, you better also think: "Will sending this e-mail violate *their* rules?" Cause if you do not care about it, they will simply stop accepting e-mails from you. The same goes about your ISP setting up their rules. If they are not going to think about the other networks that they want to communicate with, they will be denied the access to those other networks. Internet is a cooperation of private networks. When one of the networks do not want to play nice with others, other networks turn their "backs" to it, denying any connectivity from that network. > You think that if it is spam for you than it is spam for > everyone in the world ? You're wrong. It might be 10 times not spam for everyone in the world - I do not care, as long as for me it is spam. And I also do not reject e-mails for everyone in the world, only for my mailservers, that I own. The same goes about *every* SPEWS user. They use SPEWS only on the networks they control, and they have all the rights to do so. > When I receive the drug pill ads I firstly try to unsubscribe, You probably like to have your e-mail address confirmed with spammers to be active, and read by the live being, and so - resold to other spammers for high prices of "confirmed 100% active accounts". By unsubscribing from a thief and a criminal's list you do exactly that. I do *not* trust spammers, who already have violated my privacy by spamming me. > then go > to my service provider (it's me :-) and ask him to take measures - > block it for *me*, not any other user of our server. Maybe they want > to receive such letters, or search for the elixir of life - I don't > know, it's their business. And if your service provider (that is not you, but the one who provides you with the Internet connectivity) will decide that the spam from some place is not worth constant servers' upgrades and buying more and more disk space, they will block that spammers-infected space, and will not ask you if you would like it or not. Cause it is their servers the spam passes through, causing them monetary damages, crashed servers, etc. End users are not stock holders or co-owners of the provider, so they have no words to say on how the provider should run their networks. > Yes, we pay them for our traffic, and they pay to RosTelecom for > their's. So why not list all of the RosTelecom networks and all their > subISPs ? They all pay to each other. Wait till the whole Smolensk's IP space will be blocked for spam-support. Then complaints will start rolling to RosTelecom to disconnect... no, not the spammer that Smolensk refuses to terminate, but the Smolensk' servers, itselves, for being a spam-haven. And RosTelecom's space will begin to be listed in SPEWS the same proved to be working way. Be careful what you ask for - you may not like the results. > MB wrote: >> If you own the netblock you wouldn't be blocked, but you don't because >> they're your ISP. > > In other words: pay for C network and you'll be safe ? Some kind of > racket, IMHO. > We may buy the C class network and they still will be our ISP (our > commercial relationships will not change, except one line in the > contract) but we only need 4 IP's, why buy more ? If you do not *own* something, but just lease it from somebody else, you will bear the consequences of that somebody's bad deeds. If you want to be treated for only the behaviour of your own network, you should own the network space. By the way, the so-called "class C" (the outdated definition of networks, now CIDR naming is used instead), or as it's being called now, /24, is not enough to get your own IP range from ARIN (or RIPE). You should apply for /16 IP space (older "class B"), with the proof that you will use (what were the numbers?) 2/3 of the space in the first year. Which means that your network is too small to be an independent "cell" on the Internet, and you should use other networks to be your upstreams, not peers. To give some analogy, if you don't have enough money, you can't open your own business, but should work for some other business instead. Now think, that business caused a lot of anger to people around, so they will throw stones at anybody related to that business, even you. Yes, you probably did not anger anybody, and even you are not related to what that business does, or what policies they have. You just work there. But you will be hit with boycots, road pickets, anyways. Don't want to be associated with the business' wrong-doing? Run your own business. Can't do that? Find a decent business, that wouldn't be boycotted. > In the corporate env, the Big Boss comes to admin and says: "I want > that shit no more!", "OK" - says admin - "It's as easy as to uncomment > 3 lines in config and we will be perferctly clear of that shit, so > said in docs, amen." After the month the Big Boss comes again - "My > virtual lover deserted me - no single letter in more than 3 weeks, and > in addition we've lost some of our customers !" So, can you see now who sets the policies for networks? The *owners*, the "Big Bosses". Not customers, nor the workers without the Big Boss' approval. So, the customers' words have absolutely no decision on how a network is being ran. Unlike you have said that customers should decide if a blocklist should be implemented, or not. > In the free mail service they think: "Let's cut the spam - it doubles > our incoming traffic we pay for." And user suddenly stops to receive > letters - "He won't talk to me, moron! What the f*ck is going on?" - > they "just forget" to explain to users how the service had changed. You also forgot that e-mails are never being lost, they are *rejected*, they are bouncing back to the sender with a clear explanation that the e-mail did not reach the recepient, and why. Of course, there are also end users, that implement auto-deleting based on the SPEWS listing, cause their providers do not use SPEWS to reject e-mails. But again - it's their ecplicit wish to use SPEWS that way, and never cause any bounce. Heck, some networks even use SPEWS on the firewall level, denying the access to their web pages or the whole networks, not just e-mail. > (BTW, I've got two such letters while typing this article, one from my > correspondent and one from my user). They were telling what? That their e-mails got lost, or maybe - bounced? In such cases, when e-mail communication fails (and e-mail is not a *guaranteed* delivery service, never was), other means come up. Telephone for example. Or even using some free e-mail service that is not listed in the blocklist, like Hotmail. > Jeff Wynn wrote: >> Didn't read the FAQ, did you? > Robert Myers wrote: >> Q27: If I use SPEWS, is there an chance that non-spam email will be blocked? > > I did. I meant that it should not be just Q**27** of the **FAQ**. It > should be the very first phrase on the spews.org. Preceded by >

Think before you will use > this.

. Why should it? One who cares will find it there. You don't see the

Smoking is hazardous for your health.

labels going in big red letters over the "Belomor" cigarettes now, do you? Believe me, one who thinks to use a third party advisory, will throughly investigate what it offers, and what possible side effects it will cause. One who will not - deserves to have the consequences of their careless. > After all, who the hell do read the FAQ up to Q27 (except me :-) ? Ones who care about what they are going to get. They also read the fine print (small letters) in contracts to be sure that they know everything. I have read through the SPEWS FAQ more than once, myself. > MB wrote: >> The world is full of stupid people, there for "we" should not use/create >> black lists because stupid people might use them? > > You may do whatever you deem useful, but must be aware that stupid > people will use it in the worst possible manner. And this will be his problem and not the stupid people's exactly why? > May be it worth to maintan the list of "best practices" for use of > SPEWS or other such list. I mean, right on the spews.org/filter.html Why wouldn't you do that? Maybe, the idea will be good, and they will pick it up. > Dolphin wrote: >> Yeah, so the smartass admins like you will stay blocked for not knowing >> how Internet works. Go ahead, piss off more admins. They will sure not >> block your network from ever reaching their ones (yeah, sure!). > > Such admins should remember that their customers are the ones who > finally pay for their new hardware toys. Not really. There are networks that provide the services to their customers for free, and make money from other sources. Advertisements, for example. Besides, why you think it is fair for *all* the customers to pay for the constant upgrades, cause *one* of them wants to receive the garbage? AOL's users pay about $3 extra every month because of the spam (and AOL does some filtering on their servers). Do you think AOL should remove all filtering, and make their users to pay $15 extra, so some of them would get their long-waited penis' mortgage enlargement spam? >> When from it's *users* that own those networks, and not the >> people who run networks, buy new hardware, that they own? Communism >> is long time in the past, it's time to get used to such things as a >> "private property" already. > > Please, don't use the words you not fully understand. Why do you think that I don't fully understand the word "communism" (you was thinking about that word, right, or was it "private property")? I've had more than enough of it on my own skin. > For me, the > SPEWS, ruled by anonymous admins, maintaining blacklists of "evil" > networks, advertizing the self-isolation is more perfect match to > communism. Really? Was the KPSS - anonymous administration? And as about advises of the self-isolation from the known and proved criminals and abusers, any normal society will do exactly the same, by isolating their members from criminals and abusers (the word "jail" comes to mind). > But your users pay you for connectivity and freedom of relations. The users pay for what is written in the contracts that they sign up with their providers. If providers explicitly state that they will not use any blocklists for their e-mail services, then their users pay for it. If there is no such statement in the contract, then using the blocklist or not is not something users pay for, and is not something they should expect to get as a part of the services. > Jeff Higgins wrote: >> >> Oh Anatoly ..... this isn't helping .... >> >> Received: from mx100.permissionemails.com ([213.59.173.110]) b > > Did you complain to smolensk.ru ? How ? What did they answer ? Or you > just listed them automatically ? Let's see... Search for "smolensk.+ru" in news.admin.net-abuse.sightings: http://groups.google.com/groups?as_q=smolensk.%2bru&as_ugroup=news.admin.net-abu se.sightings 4 complaints, received by the same people on January 29th, 2003, who also have complained on the previous spam from the same spammer on January 26th, 2003. Guess what? It is still happily connected through smolensk.ru as of right now: $ host mx100.permissionemails.com mx100.permissionemails.com has address 213.59.173.110 Do you see *any* reason to continue to complain to smolensk.ru about their spammers, or dumping this irresponsible network completely and forgetting about it will give better results to stop that spammer (and any other spammers that will appear there, and smolensk.ru will ignore complaints yet again)? By the way, according to this evidence, I will adjust my own bloclists so the whole Smolensk.ru network will be blocked from accessing the mailservers here, cause they don't care about other networks, and allow their spammers to abuse it. > And we are automatically evil too > because we just use the IP from the "evil" range ? Isn't something > wrong with your ethics ? No, the whole smolensk.ru network is a subject to be blocked from accessing other networks, as a place where spam comes from and this abuse is not dealt with from their side. So we (TANW) fix the problem from out side by blocking the access from that network completely. From our (TINO) side the problem is permanently fixed when the rogue network can not send anything here. > I'm not angry, just curious. > > --Anatoly Sennov > k2s ltd At least, this is a progress. Dolphin. -- URL: http://www.DolphinWave.org Mail: on the web page (no spam) ICQ: 6615461