Download the authoritative guide: Cloud Computing 2018: Using the Cloud to Transform Your BusinessTo filter or not to filter, that is the question now that one of the Internet's more popular blacklists, ORBZ, is out of commission.
One of three projects created in the wake of one of the first blacklists, ORBS (a blacklist broken up after a court case in New Zealand), the ORBZ demise has reopened the debate over methods to slow down the growing number of spam found in people's e-mail inboxes.
Bob Bevill, owner of Internet service provider (ISP) World Wide Online in Arlington, Texas, was an ORBZ subscriber until Wednesday. In only one day's time, he said, the increase in spam has already become almost unmanageable and can be likened to a denial of service (DoS) hack.
"We are now experiencing a huge flood of spam on our servers," he said. "Regular e-mail is now either being delayed, or cannot compete to get access. I must regularly stop and restart sendmail because of the number of sockets being consumed by spammers hosing up my system. I am switching from ORBZ to Spamhaus.org today in the hope that this will clear some of this up."
The issue is broken into two camps: those providers who say they have the right to block spam at the network level (anti-spam) and those that believe it's the customers responsibility and right to determine what should or shouldn't be read (anti-anti-spam).
There are a host of content filtering software applications on the market for customers to use, many which are standard fare with the national ISPs and Webmail providers, notably EarthLink Inc. (NASDAQ:ELNK) and Yahoo! (NASDAQ:YHOO)
William Walsh, owner of California-based WX Software services, providing Web hosting and domain registration services, said programs used by Yahoo! and EarthLink, as well as those provided by the open-source filtering program at Exim.org, is how spam should be handled -- at the customer level.
"ISPs shouldn't be filtering their customer's emails," he said. "Customers should have the option of deciding what email they want to receive. Many ISPs feel that it's their network and their right to make those decisions for them. I feel that if you're providing a communications service to customers you have a responsibility to provide that to them, and give them the tools to make their own choices."
Some ISPs don't look at it that way, saying customers sign up their service over others specifically for their robust spam filtering service, putting the entire issue out of their customer's hands.
"My personal philosophy is it is my email address and I have the right to allow or deny anyone I choose," said Sheldon Koehler, owner of Ten Forward Communications in Port Angeles, WA. "If spammers want to send me e-mail, they can pay for my internet access. But I choose to block them and spam is filtered. Spam and virus filtering are two of our most popular reason people choose us as their Internet provider."
But IP blocking outfits like ORBZ take the process too far, Walsh said, and is one of the reasons he has advocated against blacklists for the past 10 years or so.
"Since (blacklist) organizations got started in the early 1990s, I've taken huge exception to what I saw as the broadening of the goals of these groups," he said. "I've seen the more militant ones, like ORBS and until recently ORBZ, taking the approach of actively scanning ports by randomly going down the IP tree. As a network operator, I take real exception to someone scanning my ports for any reason. I've always felt that if (the blacklists) are actively scanning, they are crossing the line."
The Open Relay Database (ORDB) was the last of the three blacklist projects created in the wake of ORBS. According to one of the staff members there, who chose to remain anonymous, active scanning isn't conducted there -- only customer complaints will prompt a test to determine whether a server is acting as an open relay.
"How is it that blacklist takes the choice away from ISP customers?" the ORDB staffer said. "We provide a list for people to use, we do not force them to do so in any way. Loads and loads of people use such lists for a simple reason: they work."
Anne Mitchell, director of legal and public affairs at the Mail Abuse Prevention System, doesn't understand where the complaint that 'customers want choice' comes from, since every indication points to the fact that customers don't want spam, regardless of where it comes.
"Customers are the ones who are being hurt by the spam," she said. "The reality is there are more ISPs out there that don't use a (blacklist) than those that do. It's a ridiculous assertion that shows the ineffectiveness of the anti-anti-spam argument. It's like saying 'well, you should have the right to get junk mail you don't want.' "
According to MAPS figures, managing spam without a blocking mechanism in place can eat up a provider's bandwidth -- bandwidth better spent delivering "real" e-mail and Web surfing service -- as well as employee costs involved with dealing with addressing spam concerns to customers, denial of service attacks, etc. Reports have shown that as much as $40,000 a month is spent at some larger organizations to combat spam.
Carl J. Gnadinger Jr., a network administrator at Louisville Telecom in Tennessee, said spam was becoming an epidemic before the company switched to a software solution, with junk e-mail accounting for almost 62 percent of the e-mail coming through the network
"From the very beginning, spam started as a headache and grew to epic proportions quickly," he said. "Finally it got to where we were spending at least 30-40 man hours each week tracking that trash down and blocking the IP's at the firewall. Within the past several months, we brought Postini Spam & Virus Filtering on line. I must say that it has helped tremendously. Now, spam coming through the network has been reduced over 95 percent."
This article was first published on internetnews.com, an internet.com site.