Nable

Vernon Schryver vjs@calcite.rhyolite.com
Fri Nov 24 15:39:07 UTC 2006


I hope you don't mind that I'm sending of this to the DCC mailing list,
with a copy blind to you.


> Anyway - the Nabble guys noticed that their domain seems to be 
> black-listed and that posts to the DCC list bounce.

Nothing from nabble.com has ever made it into the DCC mailing list.
I do see some very recent attempts to bypass the defense that kept 
their spam out of the DCC mailing list.


> Would it be possible to rather white-list them ? They are not making any 
> money with this and using Nabble is just like using Google-Mail or Yahoo 
> to post messages to the DCC list,

You can't post to the DCC mailing list or send me mail from gmail.com
or yahoo.com unless I make special whitelist entries.  I blacklist free
providers as spam reaches my SMTP server, because the business models
of a free provider does not allow real control of spamming users.  Even
the best of the free providers such as Outblaze do poor jobs of not
providing drop-boxes to spammers.  Some time ago after some discussion
in the ASRG list, a free provider privately made the old "almost all
spam with our return address is forged" without saying which was his
provider.  So I sent a few 1000 envelope sender addresses that had hit
my free provider blacklist.  We were both surprised, albeit for opposite
reasons, by his determination that 40% of whichever mailboxes were his
provider's were probably not forged.

I care only about the (lack of) spam sent in my direction.  The business
plan of the sender is none of my business unless and until it involves
spam.  Spam is any and all unsolicited bulk mail, regardless of motive
or contents.  I add to my blacklists only after spam gets through my
various filters and I check to see that the source fits one of my
criteria.  www.nabble.com [72.21.53.35] tried to send the message
still visible at
http://www.nabble.com/3-steps-to-money%21%21%21-tf2587664.html#a7215310
I got lucky, because that spam did not make into the DCC mailing list.

I investigated and found that nabble.com seemed to be some sort of free
spam redirection and amplification service, with some sort of mailing-
list-to-web-page sideline.  That qualified them for an addition to
my lists of spammers at
http://www.rhyolite.com/anti-spam/ipaddrs.html
and
http://www.rhyolite.com/anti-spam/unwelcome-a.html
But because of their non-profit claims, I only added them to my
list of free providers visible at
http://www.rhyolite.com/anti-spam/freemail.html

After their attempt to send spam to the DCC list, I might still whitelist
them for my personal mailbox, but I am extremely unlikely to consider
whitelisting them so that they could send epam to the DCC mailing list.
It's not the one attempt to relay spam, because bad stuff can happen
can happen to anyone.  It is the fact that their business model ensures
that it will happen again.  Note that by "business model" I don't
mean technical stuff like spam filters.  Note also that 72.21.53.35 has
an interesting DCC reputation of sending about 70% bulk mail.  See
http://www.rhyolite.com/cgi-bin/reps.cgi?tgt=72.21.53.35


>                                   the difference being that Nabble 
> automatically creates nice searchable archives.

I use Google to search the public DCC mailing lists.  For example, in
a week or two the following will find this message
http://www.google.com/search?q=site:rhyolite.com+"Nabble guys+noticed"

If searching the DCC archives were important enough, I'd add it to
the web archives I maintain.


> Most of all, it allows me and many others to participate in many mailing 
> lists without having our inboxes be filled by hundreds of mailing list 
> entries.

What does participating in many mailing lists have to do with having
inboxes filled by hundreds of mailint list entries?  Perhaps I don't
understand what you mean by "inbox."

I watch some mailing lists by watching their web archives.  Other mailing
lists I simply subscribe to.

Nabble.com might usefully provide archives and archive searching, but
I'm having trouble containing myself at the notion of letting them post
spam to any mailing list I care about.  That they are free and open to
the public guarantees that they will always be spewing of spam.  No
combination of spam filters has false negatives of 0.0%.  If no others,
the armies of 419 spammers who type their junk in such small batches
that they are at most barely bulk will eventually discover the utility
of nabble.com.

The fact that 
http://www.nabble.com/3-steps-to-money%21%21%21-tf2587664.html#a7215310
is in nabble.com's image of the DCC mailing list is not a good sign
even about their archiving and searching.


Vernon Schryver    vjs@rhyolite.com



More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.