Feeds

Verio gags EFF founder over spam

Open relay violates acceptable use

  • alert
  • submit to reddit

Secure remote control for conventional and virtual desktops

Aggressive anti-spam measures by Dallas-based ISP Verio have stripped some of the Internet's digerati of the ability to send e-mail, and Electronic Frontier Foundation (EFF) co-founder John Gilmore is calling it censorship.

Gilmore's home network includes what anti-spam crusaders call an "open relay" -- a mail server that accepts and forwards e-mail from anyone. For decades, the practice was considered central to good network citizenship. But in recent years, spammers have begun hijacking open relays to multiply, sometimes a thousand fold, the number of junk messages they can send at once.

That abuse sparked a campaign by anti-spam activists to close the open relays, a campaign that Gilmore, an entrepreneur, electronic civil libertarian, and EFF co-founder, has little use for.

"It reminds me of the X-ray machines they have in airports and the security checks they put people through," says Gilmore. "It doesn't actually solve the problem, it just infringes on the rights of the innocent."

Even as commercial ISPs began tightening down their mail servers -- rejecting outgoing mail from non-subscribers, and forcing subscribers to electronically prove their identity before sending mail -- Gilmore kept his own mail server open to the world, a service he says his friends have come to rely on.

"Part of the reason my friends are using my machine is that their own ISPs' anti-spam measures prevent them from sending e-mail as they move around in the world," says Gilmore. "If one user connects to my machine from an unknown address and sends a message, my machine forwards it on. It's happy to. That could be John Perry Barlow sending e-mail from Africa to his girlfriend."

Gilmore says he shuts down spammers when he detects them, but acknowledges that some junk mail gets through his system. Late last month, one such spam message -- from a would-be entrepreneur offering professional spamming services to the public -- resulted in a complaint to Gilmore's ISP, Verio, from an anti-spam group.

Verio's sweeping acceptable-use policy prohibits open relays. When Gilmore refused to put fetters on his mail server, the company's security department slapped a filter on Gilmore's T1 net connection Wednesday, blocking outgoing e-mail from his network.

A Verio spokesperson did not return a telephone call Thursday. Verio security team leader Darren Grabowski declined to comment. "What we do is between us and our customer," said Grabowski.

Anti-spam pressure

Gilmore believes anti-spam efforts have gone too far, and impact the rights of innocent people. "Verio is filtering me because they were pressured by a pressure group, and they don't have enough intelligence to stand up against that pressure."

But the head of the anti-spam business that forwarded the complaint to Verio last month says the ISP did the right thing.

"It's been a very long time since open relays were considered acceptable on the Net," says Julian Haight, owner of SpamCop.net. "On today's Internet, things have changed considerably."

SpamCop.net lets Netizens easily and automatically track and report spammers and open relays, and maintains a blacklist of network addresses the company considers spam-friendly. Haight acknowledges the influence his organization, and other anti-spam efforts, can exert on an ISP, but he says no one has a right to operate a service that lends a hand to spammers.

"Freedom of speech is not 100 percent," says Haight. "You're not allowed to come into my home to preach to me... Open servers are responsible for making copies of unsolicited commercial e-mails and sending it to people who don't want it."

Gilmore argues that by making decisions about what to allow or disallow over their network, ISPs risk losing the common carrier status that protects them from legal liability for their customers' actions.

"Ultimately, they should be a pipe. They shouldn't care what content goes through. For them to say, well, we'll send your IP packets....except when you send this particular type of IP packet, it takes them out of the realm of a common carrier," says Gilmore. "That puts the entire Internet in jeopardy."

© 2001 SecurityFocus.com. All rights reserved.

The essential guide to IT transformation

More from The Register

next story
Kate Bush: Don't make me HAVE CONTACT with your iPHONE
Can't face sea of wobbling fondle implements. What happened to lighters, eh?
Video of US journalist 'beheading' pulled from social media
Yanked footage featured British-accented attacker and US journo James Foley
Caught red-handed: UK cops, PCSOs, specials behaving badly… on social media
No Mr Fuzz, don't ask a crime victim to be your pal on Facebook
Ballmer leaves Microsoft board to spend more time with his b-balls
From Clippy to Clippers: Hi, I see you're running an NBA team now ...
Online tat bazaar eBay coughs to YET ANOTHER outage
Web-based flea market struck dumb by size and scale of fail
Amazon takes swipe at PayPal, Square with card reader for mobes
Etailer plans to undercut rivals with low transaction fee offer
Assange™: Hey world, I'M STILL HERE, ignore that Snowden guy
Press conference: ME ME ME ME ME ME ME (cont'd pg 94)
Call of Duty daddy considers launching own movie studio
Activision Blizzard might like quality control of a CoD film
US regulators OK sale of IBM's x86 server biz to Lenovo
Now all that remains is for gov't offices to ban the boxes
prev story

Whitepapers

5 things you didn’t know about cloud backup
IT departments are embracing cloud backup, but there’s a lot you need to know before choosing a service provider. Learn all the critical things you need to know.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Rethinking backup and recovery in the modern data center
Combining intelligence, operational analytics, and automation to enable efficient, data-driven IT organizations using the HP ABR approach.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.