SPEWS itself publishes a large text file containing its listings, and operated a database where users may query the reasons for a listing. Users of SPEWS can reprocess these data into formats usable by software for mail filtering.
For instance, until recently many mail sites used a DNSBL based on SPEWS data, operated at spews.relays.osirusoft.com. This DNSBL was shut down on August 27, 2003 after several weeks of denial of service attack. A number of other DNSBLs exist based on the SPEWS data, which remain accessible to the public via the web site.
There is a certain degree of controversy regarding SPEWS' anonymity and its methods. SPEWS remains anonymous to avoid harassment and barratrous lawsuits of the sort which have hampered other anti-spam services such as the MAPS RBL and ORBS. Some regard this anonymity as irresponsible, while others find it sensible. In addition, many ISP clients whose providers are listed on SPEWS take umbrage that their own IP addresses are associated with spamming, and that their mail may be blocked by users of the SPEWS data.
Discussions of SPEWS online have frequently degenerated into flamewars. In these, many arguments are based on misconceptions, such as the claim that SPEWS "blocks" email from listed sites. In fact, SPEWS merely publishes a listing, which mail server operators may choose to act upon in various ways, such as by blocking email from the listed address.
| Table of contents |
|
2 Criticism of SPEWS 3 Counter Argument 4 Contacting SPEWS 5 Getting Out Of SPEWS 6 Changing Service Providers 7 Notice 8 Related articles 9 External links |
The precise process by which SPEWS gathers data about spam sources is unknown, and it is likely that the operators use multiple techniques.
SPEWS seems to collect some information from honeypots -- mail servers or single email addresses to which no legitimate mail is received. These may be dummy addresses which have never sent any email (and certainly have never requested to be subscribed to mailing lists). They may also be placed as bait in the header of a Usenet post or on a Web page, where a spammer might discover them and choose to spam them.
The SPEWS Web site makes clear that when spam is received, the operators file a complaint with the ISP or other site responsible for the spam source. Only if the spam continues after this complaint is the source listed. However, SPEWS is anonymous -- when these complaints are sent, they are not marked as being from SPEWS, and the site is not told that ignoring the complaint will result in a listing. This has the effect of determining the ISP's response to a normal user's spam complaint, and also discourages "listwashing" -- continuing to spam, but with the complaining address removed from the target list.
If the spam does not stop over time, SPEWS increases the size of the address range listed. This process is repeated, conceivably until the entire netblock owned by the offending service provider is listed.
One criticism is that it often lists IP ranges of companies that do not spam, or even have strong anti-spam policies. This is because eventually the entire area of a service provider that hosts a spammer can be effected -- something like blocking all e-mail from UUNET, in order to get UUNET to stop hosting a spammer. In particular this is sometimes seen as guilt by association.
Conceivably, entire nations could be listed if they only had a small number of ISPs, all of them with serious enough abuse problems. In particular, Nigeria and China seem to be subject to very large blocks, though by no means even a majority of either nation's network ranges are listed. Some people may feel that there is no choice for people in countries that are listed, and it becomes a matter of freedom of speech.
The most common argument is that no company is required to financially support spam. That if spam continues to increase, it may eventually make e-mail impossible. Thirdly, use of SPEWS is voluntary.
SPEWS' website is located at http://www.spews.org/. SPEWS does not operate a mail server, so it cannot be sent e-mail.
The SPEWS domain and its own address block are registered in Irkutsk, Russia -- quite an out-of-the-way place, and not subject to subpoena from the United States, New Zealand, or other nations likely to host spammer lawsuits. Like the organization's anonymity, this reduces the chance of harassment or barratry against SPEWS.
SPEWS, whoever they are, monitor the newsgroup news.admin.net-abuse.email (NANAE).
WARNING:
There is no moderator for this news group. This news group reads like dispatches from a war zone. People who send spam harvest e-mail addresses from this group; perhaps as revenge - or maybe they just have a sense of humour. Before posting to this news group, ensure that you either munge the from line of your post, or post anonymously.
This place can be rough. Threats of legal action can are somewhat common. On the other hand, it's a great place for some entertainment. People on NANAE recommend lots of popcorn.
Your service provider, or you (if you are a service provider) should have the following e-mail addresses working, answered, and not re-directed to /dev/null.
People who talk to you in NANAE do not know who SPEWS is. They do not represent SPEWS. Many of them use SPEWS, and are fairly fanatical in their support of SPEWS. People who are opposed to SPEWS also post in NANAE. Some of these people are fairly fanatical in opposition to SPEWS.
No person who has edited this article is a member of SPEWS, or even knows what SPEWS is. All information contained in this article is not verified. Additional information on SPEWS, by people who are also not members of SPEWS, and who also don't know who they are (but do use the list), can be obtained from news.admin.net-abuse.email. See the warning above about posting to this newsgroup.
Process
Criticism of SPEWS
No one knows how many service providers use the SPEWS list to reject mail. The number is enough, though, to make people who are listed as spammers, neighbours of spammers, or service providers of spammers quite upset.Counter Argument
Contacting SPEWS
Getting Out Of SPEWS
Failure to have these addresses working will possibly prevent your address from being removed from SPEWS.Writing To NANAE
If you are spamming:
If you are not doing the spamming:
If you are a service provider who hosts a spammer:
Changing Service Providers
Note, known spammers who move to a new service provider may find that they are blocked before they have a chance to send e-mail. The "EW" in SPEWS stands for "early warning".Notice
Related articles
External links
FAQ links: