Mon Jun 5 00:35:32 2006 -- dns blacklists, spam control, and net neutrality
On four occassions in the past month I've sent email and had it bounce back due to DNS blacklists (most specifically SORBS) since I send email from a cable modem range. These four instances were:
What particularly disturbs me is that these methods have not merely decided to block based on a series of factors, but on an entire class of users. The whole debate about a neutral net has broken down with the email system. Users who can administer their own boxes have no way out of the blacklist, even by request, from SORBS. SORBS, thus, exists only to serve corporate interests who want to Balkanize the web into classes of "pay extra" and "users who shall have no democratizing force".
If a user wants to use a blacklist, that's fine. But most of these people having their email blacklisted have no idea what is going on.
More thoughts on blacklists can be found here:
http://www.faqs.org/ftp/internet-drafts/draft-church-dnsbl-harmful-01\
.txt
In one case, I was attempting to notify the person of a security vulnerability in some of their code. Since the IT department of the university is responsible for this blacklisting and they are also directly responsible for the security of said network and I have no way to communicate with them, I will simply publish the results for all to see here:
http://swoolley.org/man.cgi/man
Read the first paragraph -- how it points out that arguments containing a / are interpreted as files. My manual page viewer does not have this problem because I knew man had this behavior.
http://www.softlab.ntua.gr/cgi-bin/man-cgi?man
Oddly, no mention is made in the above manual.
http://www.softlab.ntua.gr/cgi-bin/man-cgi?/etc/passwd
So we can do something like the above url -- since he had no idea it did that, despite this package being a rewrite.
I sent the author an email notifying of this, but, SORBS blacklisted my email. Thanks to SORBS, you all have first-disclosure.