Feeds

MAPS backlash kicks off

Readers point Reg in right direction

  • alert
  • submit to reddit

Eight steps to building an HP BladeSystem

Site blocking furore kicks off

Having severely flamed young Kieren McCarthy over his MAPS allegations, our readers decided that they weren't finished with him yet. First in line is Rich Tietjens:

Re: "MAPS needs to improve its own public relations rather than rely on its supporters to spam anyone that dares criticise it. That still holds."

I suppose that it would be really, really smart for MAPS to violate the restraining order in the MEDIA3 vs. MAPS lawsuit and issue a bunch of press releases. Yes, I'm sure that's a wonderful idea.

Oh, and reader feedback is now considered "spam?" Bloody cheek, you lot!

Say, I wonder, is Keiren McCarthy any relation to the "Jamie McCarthy" who's posting anti-MAPS propaganda at Slashdot? They both seem to be utterly incapable of fact-checking, and rather starry-eyed over their hero, Bennet Haselton, the lapdog of spammers everywhere.

Credibility at The Reg has just gone down the toilet.

For the record, the two McCarthys are unrelated. Now, Atro Tossavainen offers us a brick-by-brick demolition:

You're being fed by Bennett Haselton. Please do your homework. Let me point out some factual errors in your article:

"MAPS hunts for open mail relays that will allow spammers to use companies' servers and drive millions of people mad with worthless messages."

MAPS hunts for nothing. MAPS does nothing at all to actively identify network abusers of any kind. Volunteers, that is, spam recipients, let MAPS know about problem net- works. MAPS itself merely sits back and waits for reports of such hosts or networks to come in, then researches those reports, and perhaps acts on them.

"If it finds one, it blacklists it by putting it on its RBL list."

No. Open relays are generally not even listed on the MAPS RBL. They usually are listed on MAPS RSS Relay Spam Stopper, which is a fully automated list, but not in the sense that you have explained.

MAPS RSS works like this: A spam recipient sends in a copy of a spam sent through an open relay, includes a Relay: IP.ad.dr.ess line, and the RSS automaton verifies the openness of the relay by posting a test message to itself. If the relay is found to be open, it is listed. MAPS RSS affects nothing else but reception of e-mail sent through servers that are listed on it to sites which subscribe to MAPS RSS.

"What appears to be happening is that if MAPS finds a mail server that is left open, it also blocks that server's Web site."

No. First of all, MAPS blocks nothing at all. It has no control over the Internet connections of anybody but itself. They issue advisories, which others can use if they so choose. Second, only open relay e-mail servers are listed on MAPS RSS.

MAPS RBL can list spam originators, multi-level relays, supporters of spam or spam services, etc. Please see the MAPS RBL criteria for a full listing, at www.mail-abuse.org/rbl/candidacy.html.

It is up to the subscribers to decide how they want to use any MAPS list. They can be used to control e-mail delivery, and even many MAPS RBL subscribers only use them for this purpose. The RBL can also be used on a router level. This means that a hardware device ("router") that transmits traffic between networks is instructed to use the RBL for access control. Any traffic coming from, or directed at, an IP address that is on the RBL will then be stopped. This is not aimed specifically at e-mail, or Web traffic - all Internet Protocol (IP) traffic is similarly affected.

I reiterate, MAPS itself blocks nothing. They have no access to my network, or yours. If I, or you, as a network owner, want to consult their opinion, you can, but nobody can force you to.

"The main problem however is MAPS' (and arch-enemy ORBS) attitude towards spamming. They will blacklist someone but not tell them"

No. Both MAPS and ORBS will send a network owner plenty of notices before adding any IP address on any list.

"They will only remove someone from the backlist when they deem it right."

MAPS RSS and ORBS entries are only removed when the listed server no longer is an open relay and the owner (or anybody, indeed) has requested it to be removed.

MAPS RBL listings, and their removal, depend on the reason the IP address was listed in the first place, and can't be explained here briefly. Read the RBL documentation.

But ahead of that (at least from our perspective) is that they will never talk to anyone, never explain or defend themselves and certainly never apologise.

If you don't read e-mail addressed to postmaster (required by Internet standards since 1982), or the domain contacts in the domain registry database, or even snail mail or fax messages or answer your telephone, you can hardly blame MAPS for not trying to contact you.

Every MAPS listing with its reasons is explained on the MAPS website, ditto for ORBS.

MAPS goes to extremes to avoid false positives, and so they generally don't happen. For correct listings, why apologise? Does Consumer Reports apologise for calling a product bad when it was in fact bad?

Ok. That's enough right to reply for this week. Keep it coming...

Reducing security risks from open source software

More from The Register

next story
Delaware pair nabbed for getting saucy atop Mexican eatery
Burrito meets soft taco in alleged rooftop romp outrage
Japanese artist cuffed for disseminating 3D ladyparts files
Printable genitalia fall foul of 'obscene material' laws
Brit Rockall adventurer poised to quit islet
Occupation records broken, champagne corks popped
Apple: No, China. iPhone is NOT public enemy number 1
Beijing fears it could beam secrets back to America
Canuck reader threatens suicide over exact dimensions of SPAAAACE!
How many As? Reg hack's writing cops a shoeing
Accused! Yahoo! exec! SUES! her! accuser!, says! sex! harassment! never! happened!
Allegations were for 'financial gain', countersuit claims
Carlos: Slim your working week to just three days of toil
'Midas World' vision suggests you retire later, watch more tellie and buy more stuff
prev story

Whitepapers

Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.