[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Publishing node IPs

Rachel Llorenna writes:

> While I agree with the notion that ISP's banning huge segments of the
> Internet from e-mail and other services in an attempt to stop spam is
> bad, it's something that is ultimately the choice and responsibility
> of the ISP, and we have no right to compel them to change that.

Oh, but we do. It's called "market discipline", and it goes like this:
"Hi Verizon. Cancel my account. I've switched to a real ISP that
connects me to the *entire* Internet."

> We can only hope that Sender Policy Framework/Microsoft's Sender ID
> initiative will prevent this from being necessary anymore.

No, we can't. Those systems are useless for stopping spam (but great for
breaking forwarding). Even if domain authentication were a good idea,
you'd want cryptographic authentication like Domain Keys. But even that
is not real authentication. If you want real email authentication, you
should use PGP signatures.

The spam problem is a text classification problem. Any proposed solution 
that works by side effect ("DHCP users are bad and can't send email", 
"China is bad and can't send email", "This MX is bad and can't send 
email") is no solution at all.

We're getting pretty far afield from Tor now...

> Unfortunately, many places don't like Tor too much because of all the
> abuse,

The estimated-users:complaints ratio is actually very good.

> and while I disagree with outright banning of Tor exit points, we have
> to accept that in many cases it's necessary.

No, we don't. If your application needs authentication, your application 
needs REAL authentication. Discriminating against people on the basis of 
their IP route is ridiculous and counter-productive, and always was.

> It would be nice if Tor users had more accountability for their
> actions within the network, but that would go completely against what
> the EFF is trying to promote with the Tor network: anonymity instead
> of just pseudonymity.

EFF is promoting free speech, safety, and security.

> However, what the EFF shouldn't be trying to promote is abuse from
> script kiddies who have nothing better to do than annoy opers on IRC
> by flooding and wasting bandwidth (both IRC's and the Tor network's.)

EFF never has supported abuse, and never will.

> The only thing we can do is try to convince Verizon that there are
> better ways to stop spam than blocking networks completely; but I'm
> sure you can appreciate the fact that they get rather tired of dealing
> with all that spam.

I spoke with the operators of Hotmail a few moons back. Surely, they are 
in the top tier of spam sufferers, yet their anti-spam policy is 
remarkably customer-friendly.


Attachment: pgpBDEYfaCbXG.pgp
Description: PGP signature