Click the comments link on any
story to see comments or add your own.
Subscribe to this blog
RSS feed
|
Home :: Email
15 May 2010
Last year, Russ Smith of consumer.net filed a
most peculiar suit
against Comcast (his home ISP), Microsoft, Cisco, and TrustE,
pro se, claiming a long laundry list of malicious behavior
and privacy violations.
Last week the judge threw out the entire suit, but gave him one more
chance to refile and try to correct the flaws.
Among Smith's claims are that Comcast and Microsoft's Frontbridge subsidiary
have blacklisted him personally. To
the
surprise of many observers, the judge did not accept Comcast's defense that
47 USC 230 (the CDA) gives them blanket immunity for good faith spam
filtering.
Smith claimed that Comcast said they'd unblock his
mail if he paid them more money, which he interpreted as pay to spam,
which if true would mean the blocking was in bad faith.
While Comcast may well have said something like that, it didn't mean
what Smith claimed.
Having exchanged some mail about the suit with Smith last fall, I think
I understand what was going on, which was that despite having some
sort of certificate called a CISSP, Smith fails to understand
the way that e-mail works, and he has imagined a vast conspiracy
to explain what was really configuration errors, a poor choice
of server hosting, and perhaps malware infecting his mail server.
Smith seems to have have two concrete problems with his mail. One is that
Comcast blocks port 25 when he tries to send mail
from his home account, and the other is that various places
sometimes block mail from his rented server.
It appears he calls Comcast and complains a lot, and it never
occurs to him that
the first level support people reading scripts aren't very good at picking
the right scripts to respond to his harangues.
If he's getting bogus responses, it's out of ignorance, not
conspiratorial malice. In particular, when he complained about port 25
blocking at Comcast, he says the answers were all along the lines
of "you must be sending too much mail and/or spam" rather than the correct
answer which is to use port 587, known as SUBMIT,
to send mail to his off-network server rather than blocked port 25.
In his complaint he even quotes part of a Comcast document mentioning 587
but never makes the leap that this might mean him.
He then goes off on a long riff about how he demands the right to
correct the alleged files of personal info that Comcast, Frontbridge, and
Ironport have on him, which is silly, since port 25 blocking is a routine
standard industry policy that applies to customers of ISPs all over the country.
Reconfiguring his computers to use SUBMIT would only take a few minutes--I've
done it, and use it to send mail from my home DSL through my off-network
mail server. But when I asked Smith last fall if he knew about
SUBMIT, he didn't.
The comment from Comcast about about paying more for unblocked port 25
was most likely an upgrade to their business class service,
which does let one host servers and does
permit sending mail using port 25.
But this isn't pay to spam, it's servers vs. no servers.
They don't let customers of either category send spam, and in his case,
since it doesn't appear he wants to run servers at home, it would
have no advantage over reconfiguring and using SUBMIT.
Whatever Comcast said, Smith appears not to have understood.
Smith's mail server is hosted at a Florida company called Infolink.
People who've been in the Internet business for a while will recognize
the name as a famous spam haven in years past.
I haven't investigated Infolink lately, but it would not be, to put
it mildly, my first choice to locate a mail server. Smith
told me he had no idea who they were or what their history was when he
picked them for server hosting.
Another of his concrete complaints is that the IP address
of his server appeared
on an obscure Frontbridge blacklist called 88.blacklist.zap.
Microsoft is very coy about what gets one onto that list, although it
appears that you can write to them and they will promptly delist you.
There's some speculation that it's derived from the
CBL, a well respected and very accurate
list of computers infected with spam sending bots, and I found some other
comments saying that Microsoft lists IP ranges that send them a lot
of spam. It's not out of the
question that someone added large chunks of Infolink space due to spam
received in the bad old days and it was still there.
Or it's possible that Smith's server had a virus.
Whatever it was, it would have been a lot easier to ask to be delisted
than to go to court.
In any event, it's hard to see how Smith could have any sort of case
unless the facts were vastly different from what they appear to be.
Other observers said that the only reason the judge gave Smith another
opportunity to resuscitate his case was the traditional latitude
given to pro se litigants.
The judge admonished Smith to make "a short and plain statement of the claim
showing that the pleader is entitled to relief," which his current 404 page
complaint is not.
Even if Smith manages to restrain himself and refile successfully,
a better response from Comcast will likely extinguish this case once
and for all.
posted at: 01:50 :: permanent link to this entry ::
7 comments
comments... (Jump to the end to add your own comment)
These kind of cases always amaze me. How much money and time has he wasted on this?
(by Michele Neylon
15 May 2010 09:05)
Hi, John,> Another of his concrete complaints is that the IP
> address of his server appeared on an obscure Frontbridge
> blacklist called 88.blacklist.zap. Microsoft is very coy
> about what gets one onto that list, although it appears
> that you can write to them and they will promptly delist
> you. That list is a statistically generated list. IPs that have a history of sending large volumes of mail that are marked as spam are added to the list. > There's some speculation that it's derived from the CBL,
> a well respected and very accurate list of computers
> infected with spam sending bots, This is incorrect. There is a lot of overlap but the CBL is not used at all in this particular list's composition. > and I found some other comments saying that Microsoft
> lists IP ranges that send them a lot of spam. True. The algorithm is agnostic to the source and delisting requests are performed promptly so long as the sending IP does not have a history of spam sending patterns.
(by Terry Zink
17 May 2010 14:28)
Your analysis is a misrepresentation of the issues and the facts. The main issue is that entities have privacy policies that say I can review information collected about me (in this case the blacklists).As far as comcast, in addition to their privacy policy, they have a policy that says their network management is proptocol agonostic so thay cannot also have policy that says they block specific ports. The port 587 was discussed with Comcast but my mail server program was not able to use that port. Comcast said there wpould be no port 25 blocking if I upgraded to business service. This, of course, makes no sense since the issue was supposed to be security/spamming and not how much I paid. The MAWG, which Comast says they are part of, has best practices that say port 25 should not be blocked for users that have a legitimate use of the port. In the cases of Microsoft I was delisted but they both said I could be listed again in the future. the problem is that won't tell me why I was listed so I can correct any problems. This is more described as a privacy policy lawsuit rather than a spam or blacklist lawsuit.
(by Russ Smith
18 May 2010 02:42)
Clearly, this guy enjoys tilting at windmills. I hope Rosinante doesn't get too tired.A privacy policy lawsuite! Have any of those ever succeeded? What personal information does he think they might have collected? Oy, my head.
(by coyote
19 May 2010 22:13)
Fixer of Shtuff Please tell me that "404 page complaint" is a typo. Please?The delicious irony of a lost, clueless, pro-se litigant filing a 404 page petition is just too much to bear!
(by Alif Terranson
05 Jun 2010 23:08)
Fixer of Schtuff Russ Smith said:> The main issue is that entities have privacy policies that > say I can review information collected about me (in this
> case the blacklists). Did the WEBSITE have the privacy policy you describe, or can you prove that this is really an "entity"-wide policy. Do you understand the legal construct of what an "entity" actually *is*? > [Comcastsays they have] a policy that says their network
> management is proptocol agonostic so thay cannot also have
> policy that says they block specific ports. You are going to have a very hard time on *this* claim! For example, define "Network Management"... The SMTP protocol tells you to use 587 (SUBMISSION). Comcast is forcing it's customers to follow the protocol *correctly*. There is almost no legitimate reason to want to open 25. What reason does Russ have? > The port 587
> was discussed with Comcast but my mail server program was > not able to use that port. I doubt that. There is NO modern MTA or MUA that cannot use 587: what MTA/MUAs is Smith trying to work with? > Comcast said there wpould be no port 25 blocking if I
> upgraded to business service. That's correct: you are in violation of your agreement with Comcast. You are trying to run a *SERVER* on a HOME connection! This is a clear violation of your AUP - the only reason Comcast has even worked on this problem with you is because Teir1 and Tier2 helpdesks have even less of a clue than Smith appears to have. > This, of course, makes no
> sense since the issue was supposed to be security/spamming
> and not how much I paid. No. It's not a question of security at all. It's a question of STEALING. You are paying for a no-frills, no-servers, HOME connection. You are specifically prohibited from running "servers" (MTA) on this connection, and to enforce the ban, they have placed you into IP space that filters out ports commonly in use by SERVERS. C'mon, pull out that CISSP Boot Camp book and READ! > The MAWG, which Comast says they
> are part of, has best practices that say port 25 should
> not be blocked for users that have a legitimate use of the
> port. Comcast *supports* MAAWG, and is a member of MAAWG, but MAAWG doesn't run Comcast's network! Besides, you are a home user, and as such, there is NO LEGITIMATE REASON for you to have to run ANY mailserver. If you want to learn about networking, thats great (although I would have suggested taking the CISSP *after* you already knew, but hey...), but you cannot run an MTA on your HOME connection: that is theft of service: both cause to term your acct, and to prosecute criminally if they really wanted to. Consider youself lucky that the help desks are just as clueless as you are! > In the cases of Microsoft I was delisted but they both
> said I could be listed again in the future. the problem is
> that won't tell me why I was listed so I can correct any
> problems. Micro$oft has ZERO responsibility to either take you off the list (which was very kind of them!), or to help you figure out your problems (which are *legion*). You need to back away from this idea that you are somehow special, and entitled. You are most certainly neither, and the sooner you figure that out, the sooner your real learning can begin. > This is more described as a privacy policy lawsuit rather
> than a spam or blacklist lawsuit. No. This is a nuisance suit, completely without merit. Nothing more, nothing less. You are going to lose. I'm just sorry that you are unlikely to get hit with attorneys fees: which you *richly* deserve to pay for your sins.
(by Alif Terranson
05 Jun 2010 23:31)
Schmuck Who Jumped Too Fast! Mr. Smith's IP is static, and appears to be part of a colo: OrgName: Colo4Dallas LP
network:ID:NET-2292.72.249.128.104/29 If you have a static, colo'd /29, you *should* be paying for business class or "colocation services". If he's not colo'd then he's managed to get Comcast to jump through some impressive hoops to make him go away. If he *is* colo'd, then he should be talking to his sales contact, who can fix any *legitimate* problem. I suspect there's a LOT of data missing on this escapade. As for the parts of my analysis which just got blown out of the water by the static IP: If I was wrong, then it's on me. Mea Culpa. If I was right, then I want to know what he did to get Comcast to allocate him a static /29 on HOME user service!
(by Alif Terranson
05 Jun 2010 23:42)
Add your comment...
Note: all comments require an email address to send a confirmation
to verify that it was posted by a person and not a spambot.
The comment won't be visible until you click the link in the
confirmation.
Unless you check the box below, which almost nobody does, your email
won't be displayed, and I won't use it for other purposes.
|
Topics
My other sites
Who is this guy?
Airline ticket info
Taughannock Networks
Other blogs
CAUCE Online Clairvoyance Platforms Sanctioned for GDPR Violations 8 days ago
A keen grasp of the obvious Italian Apple Cake 814 days ago
Related sites
Coalition Against Unsolicited Commercial E-mail
Network Abuse Clearinghouse
|