Verio gags EFF founder over spam

[InfoSec News <isn () C4I ORG>]

http://www.theregister.co.uk/content/6/17639.html

[Also check out: http://cryptome.org/verio-censor.htm  - WK]

By: Kevin Poulsen
Posted: 16/03/2001 at 02:57 GMT

Aggressive anti-spam measures by Dallas-based ISP Verio have stripped
some of the Internet's digerati of the ability to send e-mail, and
Electronic Frontier Foundation (EFF) co-founder John Gilmore is
calling it censorship.

Gilmore's home network includes what anti-spam crusaders call an "open
relay" -- a mail server that accepts and forwards e-mail from anyone.
For decades, the practice was considered central to good network
citizenship. But in recent years, spammers have begun hijacking open
relays to multiply, sometimes a thousand fold, the number of junk
messages they can send at once.

That abuse sparked a campaign by anti-spam activists to close the open
relays, a campaign that Gilmore, an entrepreneur, electronic civil
libertarian, and EFF co-founder, has little use for.

"It reminds me of the X-ray machines they have in airports and the
security checks they put people through," says Gilmore. "It doesn't
actually solve the problem, it just infringes on the rights of the
innocent."

Even as commercial ISPs began tightening down their mail servers --
rejecting outgoing mail from non-subscribers, and forcing subscribers
to electronically prove their identity before sending mail -- Gilmore
kept his own mail server open to the world, a service he says his
friends have come to rely on.

"Part of the reason my friends are using my machine is that their own
ISPs' anti-spam measures prevent them from sending e-mail as they move
around in the world," says Gilmore. "If one user connects to my
machine from an unknown address and sends a message, my machine
forwards it on. It's happy to. That could be John Perry Barlow sending
e-mail from Africa to his girlfriend."

Gilmore says he shuts down spammers when he detects them, but
acknowledges that some junk mail gets through his system. Late last
month, one such spam message -- from a would-be entrepreneur offering
professional spamming services to the public -- resulted in a
complaint to Gilmore's ISP, Verio, from an anti-spam group.

Verio's sweeping acceptable-use policy prohibits open relays. When
Gilmore refused to put fetters on his mail server, the company's
security department slapped a filter on Gilmore's T1 net connection
Wednesday, blocking outgoing e-mail from his network.

A Verio spokesperson did not return a telephone call Thursday. Verio
security team leader Darren Grabowski declined to comment. "What we do
is between us and our customer," said Grabowski.

Anti-spam pressure

Gilmore believes anti-spam efforts have gone too far, and impact the
rights of innocent people. "Verio is filtering me because they were
pressured by a pressure group, and they don't have enough intelligence
to stand up against that pressure."

But the head of the anti-spam business that forwarded the complaint to
Verio last month says the ISP did the right thing.

"It's been a very long time since open relays were considered
acceptable on the Net," says Julian Haight, owner of SpamCop.net. "On
today's Internet, things have changed considerably."

SpamCop.net lets Netizens easily and automatically track and report
spammers and open relays, and maintains a blacklist of network
addresses the company considers spam-friendly. Haight acknowledges the
influence his organization, and other anti-spam efforts, can exert on
an ISP, but he says no one has a right to operate a service that lends
a hand to spammers.

"Freedom of speech is not 100 percent," says Haight. "You're not
allowed to come into my home to preach to me... Open servers are
responsible for making copies of unsolicited commercial e-mails and
sending it to people who don't want it."

Gilmore argues that by making decisions about what to allow or
disallow over their network, ISPs risk losing the common carrier
status that protects them from legal liability for their customers'
actions.

"Ultimately, they should be a pipe. They shouldn't care what content
goes through. For them to say, well, we'll send your IP
packets....except when you send this particular type of IP packet, it
takes them out of the realm of a common carrier," says Gilmore. "That
puts the entire Internet in jeopardy."

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".