MAPS backlash kicks off

Readers point Reg in right direction

  • alert
  • submit to reddit

Security for virtualized datacentres

Site blocking furore kicks off

Having severely flamed young Kieren McCarthy over his MAPS allegations, our readers decided that they weren't finished with him yet. First in line is Rich Tietjens:

Re: "MAPS needs to improve its own public relations rather than rely on its supporters to spam anyone that dares criticise it. That still holds."

I suppose that it would be really, really smart for MAPS to violate the restraining order in the MEDIA3 vs. MAPS lawsuit and issue a bunch of press releases. Yes, I'm sure that's a wonderful idea.

Oh, and reader feedback is now considered "spam?" Bloody cheek, you lot!

Say, I wonder, is Keiren McCarthy any relation to the "Jamie McCarthy" who's posting anti-MAPS propaganda at Slashdot? They both seem to be utterly incapable of fact-checking, and rather starry-eyed over their hero, Bennet Haselton, the lapdog of spammers everywhere.

Credibility at The Reg has just gone down the toilet.

For the record, the two McCarthys are unrelated. Now, Atro Tossavainen offers us a brick-by-brick demolition:

You're being fed by Bennett Haselton. Please do your homework. Let me point out some factual errors in your article:

"MAPS hunts for open mail relays that will allow spammers to use companies' servers and drive millions of people mad with worthless messages."

MAPS hunts for nothing. MAPS does nothing at all to actively identify network abusers of any kind. Volunteers, that is, spam recipients, let MAPS know about problem net- works. MAPS itself merely sits back and waits for reports of such hosts or networks to come in, then researches those reports, and perhaps acts on them.

"If it finds one, it blacklists it by putting it on its RBL list."

No. Open relays are generally not even listed on the MAPS RBL. They usually are listed on MAPS RSS Relay Spam Stopper, which is a fully automated list, but not in the sense that you have explained.

MAPS RSS works like this: A spam recipient sends in a copy of a spam sent through an open relay, includes a Relay: IP.ad.dr.ess line, and the RSS automaton verifies the openness of the relay by posting a test message to itself. If the relay is found to be open, it is listed. MAPS RSS affects nothing else but reception of e-mail sent through servers that are listed on it to sites which subscribe to MAPS RSS.

"What appears to be happening is that if MAPS finds a mail server that is left open, it also blocks that server's Web site."

No. First of all, MAPS blocks nothing at all. It has no control over the Internet connections of anybody but itself. They issue advisories, which others can use if they so choose. Second, only open relay e-mail servers are listed on MAPS RSS.

MAPS RBL can list spam originators, multi-level relays, supporters of spam or spam services, etc. Please see the MAPS RBL criteria for a full listing, at www.mail-abuse.org/rbl/candidacy.html.

It is up to the subscribers to decide how they want to use any MAPS list. They can be used to control e-mail delivery, and even many MAPS RBL subscribers only use them for this purpose. The RBL can also be used on a router level. This means that a hardware device ("router") that transmits traffic between networks is instructed to use the RBL for access control. Any traffic coming from, or directed at, an IP address that is on the RBL will then be stopped. This is not aimed specifically at e-mail, or Web traffic - all Internet Protocol (IP) traffic is similarly affected.

I reiterate, MAPS itself blocks nothing. They have no access to my network, or yours. If I, or you, as a network owner, want to consult their opinion, you can, but nobody can force you to.

"The main problem however is MAPS' (and arch-enemy ORBS) attitude towards spamming. They will blacklist someone but not tell them"

No. Both MAPS and ORBS will send a network owner plenty of notices before adding any IP address on any list.

"They will only remove someone from the backlist when they deem it right."

MAPS RSS and ORBS entries are only removed when the listed server no longer is an open relay and the owner (or anybody, indeed) has requested it to be removed.

MAPS RBL listings, and their removal, depend on the reason the IP address was listed in the first place, and can't be explained here briefly. Read the RBL documentation.

But ahead of that (at least from our perspective) is that they will never talk to anyone, never explain or defend themselves and certainly never apologise.

If you don't read e-mail addressed to postmaster (required by Internet standards since 1982), or the domain contacts in the domain registry database, or even snail mail or fax messages or answer your telephone, you can hardly blame MAPS for not trying to contact you.

Every MAPS listing with its reasons is explained on the MAPS website, ditto for ORBS.

MAPS goes to extremes to avoid false positives, and so they generally don't happen. For correct listings, why apologise? Does Consumer Reports apologise for calling a product bad when it was in fact bad?

Ok. That's enough right to reply for this week. Keep it coming...

Internet Security Threat Report 2014

More from The Register

next story
Apple CEO Tim Cook: My well-known gayness is 'a gift from GOD'
'I have benefited from the sacrifice of others'
MEN: For pity's sake SLEEP with LOTS of WOMEN - and avoid Prostate Cancer
And, um, don't sleep with other men. If that's what worries you
Jim Beam me up, Scotty! WHISKY from SPAAACE returns to Earth
They're insured for $1m, before you thirsty folks make plans
Now: The REAL APPLE NEWS you need to know
OMG! Gravity's totes amazeballs. Calm down, George Clooney, not your film
Boffins who stare at goats: I do believe they’re SHRINKING
Alpine chamois being squashed by global warming
Let's make an app that POSTS your POO to APPLE HQ
Plus: It's OPEN WARFARE in the Linux greybeard world
Adorkable overshare of words like photobomb in this year's dictionaries
And hipsters are finally defined as self-loathing. Sort of
Not a loyal follower of @BritishMonarchy? You missed The QUEEN*'s first Tweet
Her Maj opens 'Information Age' at the Science Museum
prev story


Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Simplify SSL certificate management across the enterprise
Simple steps to take control of SSL across the enterprise, and recommendations for a management platform for full visibility and single-point of control for these Certificates.