[anti-abuse-wg] Abuse: Too big to fail

ox <andre at ox.co.za> wrote:

>But the simple truth is that Twitter is arguably the largest 'legal'
>spammer on the planet and they are unstoppable...

Again, at the risk of repeating myself, they are by no means "unstoppable".

In fact, it would take me personally all of about 9 seconds to run vi on
my own local mail server domain blacklist file to add the domain name
"twitter.com" to that list.  And if I did so, then I would never get any
email from them whatsoever, ever again, forever, guarranteed.  And I
personally would not hesitate at all to do exactly that if they were
to spam me.

Hummm... gee.  I have a *lot* of domains that I've added to my local
domains blacklist over the years.... hundreds in fact.  There being so
many of them, there's no way that I can remember them all.  So I just now
went and did a grep.  And do you know what?  I swear, I didn't even
remember putting this there, so I must have put it in there a long time
ago... perhaps years and years ago... but yes, actually, now that you
mention it, I *do* have an entry in my own local HELO/EHLO blacklist of
"twitter.com".

There are two implications of that statment:

    1)  Yes, actually, once upon a time, they must have spammed me too.  I
    would not have added that domain to that list unless they had done so.
    
    2)  The list entry in question effectively blocks any and all incoming
    email messages where the HELO/EHLO string offered by the SMTP client is
    either "twitter.com" (case insensitive) or else some subdomain thereof.

So there you have it.  Proof positive that... contrary to your assertion...
even the mighty twitter.com is in fact -very- "stoppable".    (Locally,
I have completely stopped them cold.)

I feel quite confident in asserting to you, and to everyone, that since
the day that domain was inducted into my local blacklist, they have not
successfully spammed me a single time.

Furthermore, if more mail system adminitrators would do as I do, and
take a hard line and adopt a zero tolerance policy, even against the
"big names" then eventually the bad practices of these companies would
start to cost them money, and at that point they would be forced to
discontinue employing them.

So, really, the only question left is:  Why don't both mail system
administrators *and* millions of end users everywhere do as I do and
vote "no" on spam?  Why don't they all blacklist the bad senders?

And the answer is what it always has been:  "It's complicated."  The
admins of big mail *receivers* (e.g. comcast, aol, etc.) fear that if
they did so, many of their less educated users would take this as a
"defect" rather than as a "feature" and would bolt to other providers.

But individual end users can each also take their own unilateral action
against the bad actors, and if enough of them do so, then eventually it
will make an impact.

So why don't they?

Well, unfortunately, an awful lot of them are just plain ignorant, and
many fo them don't even know that they have even the -capability- in
theeir own hands and in their own mail clients to block specific domains
and to this "vote no" on spam.

In short, it is an education problem.

There was a similar problem some years ago when a major effort was
launched to finally and fully eradicate smallpox.

There were some backwards villagers in the wilds of rural Pakistan who
just couldn't be convinced that smallpox wasn't "the will of god".

As you may have noticed, in the American political system also, bad outcomes
accrue in the presence of a poorly educated populace.

It is incumbant upon us, the class of netizens who understand the problem,
to educate our less well educated brethern and fellow Internet users on
the importance of not just putting up with it when this big company or
that big company takes a dump in your inbox.

Speaking only for myself, I certainly attempt to provide such education
at every opportunity, and only wish that others would do likewise.


covfefe