<nettime> admin note/RFC: 'antispam' services and nettime

nettime's_janitors on Thu, 13 Feb 2003 09:01:03 +0100 (CET)

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

<nettime> admin note/RFC: 'antispam' services and nettime

To: nettime-l@bbs.thing.net
Subject: <nettime> admin note/RFC: 'antispam' services and nettime
From: "nettime's_janitors" <nettime@bbs.thing.net>
Date: Thu, 13 Feb 2003 00:57:02 -0500
Reply-to: "nettime's_janitors" <nettime@bbs.thing.net>

[we drafted this 'RFC' before we learned, from bruce sterling's message, 
that one of the services in question was spamming (some of?) the people 
who emailed its clients (probably via nettime) with what appears to be 
a unique URL. -- cheers, t]


lately, a few nettime subscribers have signed up with one of several
newish spam-blocking services that are generating what could, over time,
become a problem for mailing lists. what follows is a rough explanation of
how they work and why the nettime moderators think they're incompatible
with -- or even antithetical to -- an open mailing list culture. we'd like
some input on how to deal with them.

the culprit service (which we won't name) works like this:

    (1) an email user subscribes to service and gives the details of
        his/her email account (login, password, popserver); the user
        also gets a chance to give the service a 'whitelist' of email
        addresses s/he wants to receive mail from.

    (2) the service then periodically POPs the person's mail and compares
        each message to the whitelist.

        (a) if the sender is in the whitelist, the mail is is passed on to
            the user; or

        (b) if the sender isn't in the whitelist, the service sends an
            automated response to the sender asking him/her/it to 'click
            on a link.' the webpage shows an obfuscated image of a short,
            random text, which the source must type into a field. once
            the source has done that, the mail gets passed on to the user.

for mailing lists, this approach especially flawed for two reasons. first, 
if the user doesn't include the mailing list *and its admin address*
('nettime-l@' and 'nettime@', respectively) in his/her whitelist, the mail 
sent to him/her via the list spawns at least one 'click this link' response 
(to the sender) and maybe more (to the mailing list and/or its admin address). 
and a list admin can't simply explain the problem to the user, because the
admin will get the same response. the only way around it is to 'click on
the link.'

for a list like nettime, which has almost 3000 people on it, this is a very
broken system. moderating a list is quite enough work, but clicking here
and typing there to route around subscribers' spam-blocking services is a
chore caused either (a) by a badly designed system, or (b) by a user's
sloppy configuration of the service.

moreover, if services like this are widely adopted, the result will be
mayhem. let's say that half of nettimers use them; and only 10% of them
have misconfigured their settings (which is a reasonable number given the
many error msgs we already get), then everyone who posts a message to
nettime will be bombarded with 150 'click this link' messages. this would
make posting to the list a huge nuisance and, in effect, kill the list.

the nettime mods think this is a Really Bad Thing, and that the best
solution is to discourage the use of these services. we contacted the
people who run the culprit service, and they came back with a fairly
substantive answer pretty quickly -- which is good. but if their business
grows, they'll probably be less responsive.

the simplest solution would be to trash these spam-blocking responses; but
a better solution, we think, is to automatically unsubscribe anyone
subscriber who misconfigures a spam-blocking account. if the person values
nettime (or any other affected list), then s/he can sort out the problem;
if not, oh well.

we'd hope that these services would automatically whitelist everyone their
users send mail to, because that would minimize the coercive aspects of
these systems automatically. but, ultimately, that's their business. our
business is keeping nettime as open and efficient as possible.

but rather than impose this policy by fiat, we're interested to hear what
nettimers have to say, on the list or in private.

thoughts?

the mod squad: andrea, felix, oliver, ted

#  distributed via <nettime>: no commercial use without permission
#  <nettime> is a moderated mailing list for net criticism,
#  collaborative text filtering and cultural politics of the nets
#  more info: majordomo@bbs.thing.net and "info nettime-l" in the msg body
#  archive: http://www.nettime.org contact: nettime@bbs.thing.net

Prev by Date: <nettime> RE: form
Next by Date: <nettime> Okay, that does it -- Armageddon is too good for us
Previous by thread: <nettime> file under problem sharing [digest: ritchie, spornitz]
Next by thread: <nettime> Okay, that does it -- Armageddon is too good for us
Index(es):
- Date
- Thread