John Levine johnl at iecc.com
Thu Jan 1 15:45:12 EST 2015

>The point is block lists suck, they're always blocking false things,
>and vigilante abusive takes 3x longer to take you off than for you to
>complain or unresponsive etc.

The most amazing thing just happened.  Last night I went to bed in
2014, and today, based on the messages I'm reading, it is 1996 rather
than 2015.

You know when someone shows up and says he has a new super unbreakable
crypto scheme, and he'll pay $100 to anyone who can break it (but you
can only see it after you sign a one-sided NDA), or the web would be
totally secure if every web server used https because then you'd know
exactly who ran every web site?  Well, that's how this discussion
sounds to anyone who is familiar with the way modern mail systems

You can't run a non-toy mail system without DNSBLs.* The mail stream
is 90% or more spam, and well-run DNSBLs will tag or knock out about
80% of that 90% with a very low error rate.  The DNSBLs that people
actually use, notably Spamhaus and Spamcop, have turned from hobbies
into businesses, and the good ones work very hard to minimize the
error rate.

It is certainly true that any moron can run a DNSBL, and many morons
do, but nobody uses the moronic BLs so it doesn't matter.

SORBS, the list that Gilmore is complaining about, is an odd case.
It's one of the oldest BLs and used to be widely used, but now its
management can best be described as peculiar.  I know the gal
(formerly guy) who runs it who is fairly peculiar, too.  These days
it seems mostly to be used by small systems who added it to their
configuration a long time ago and haven't noticed the false positives
yet.  My mail server is listed on it, due to a single message sent three
months ago that I am fairly sure was not spam (I have logs.)  But if
people want to use it, that's their problem.

Gilmore's listing is probably not a false positive, since he famously
insists on running an open mail relay that leaks spam.  Even in 1996,
the problem that open relays addressed (partial network connectivity)
had largely gone away, so I do not pretend to understand what point he
purports to be making.


* - don't argue unless you've talked to the postmasters at Gmail,
Yahoo, AOL, Hotmail, Comcast, Roadrunner, Charter, Verizon, and AT&T.
I have.

