Features

net.wars: Verizon, heal thyself

In the world of Verizon email, I am a non-person. Or, rather, I am one of the people in Europe who for the last month and some has been unable to email addresses at Verizon.net, including that of my agent.

My email to her began doing the four-day bounce in late December. By mid-January, when I started to bug her about it by phone, she told me that she was having trouble getting email from a number of her European contacts. This made no sense to me: true, mail from my domain, pelicancrossing.net, comes from a UK-based mailserver at the end of my  DSL, but the domain and my Web site are hosted on Pittsburgh-based   Pair Networks. A week or two later, her email troubles hit the  Washington Post

The culprit is Verizon's anti-spam effort. Verizon told the Post it was merely "monitoring its own networks and blocking mail from other networks that Verizon deems to be conduits of large-scale spamming." In some reports I've read, there's a hint that only spammers would complain about these efforts.

Apparently there have been anonymous complaints. Well, lissen up, Verizon, this is a fully identified, public complaint.

First of all, my mailserver is locked down - it's not an open relay - and my tiny home network is virus-free. So I'm not sending spam. Wizards, my ISP, is a small, very responsible outfit, and I feel safe in saying that it does not operate a safe haven for spammers. Its upstream ISP is, in turn… British Telecom's wholesale broadband service. Is BT a "conduit of large-scale spamming"? Really? Compared to Earthlink or AOL? Or compared to what we're being warned is about to happen,   virus-infected zombie PCs using ISPs' own mail servers to send out junk?

Second: the Spamhaus Project notes that 80 percent of spam comes from approximately 200 known spam operations. BT is not on the   Spamhaus Project Register of Known Spammers. Neither is any other well-known European ISP. In fact, only one ISP from any European country is on that list, and it's in Poland. Most spam originates from US operations; besides them ROKSO includes a handful from China, Australia, Canada, and a few other countries. But if you really want to block most spam, the rational approach is to block the US. It is arrogant, nationalist, and stupid for any American ISP to fail to recognize this fact.

Third: some time back, a Net pioneer who read a net.wars set out to email me about that column and got bounced by my mailserver because his domain had been placed on the real-time blacklist my server consults before accepting mail (which it then runs through the excellent   SpamAssassin

Being a resourceful type, he consulted my Web page, found an alternative address, and emailed me there. By then, his email had expanded to include a critique of real-time blacklists.

The basic argument: they are undemocratic and open to abuse. I do sympathise with that argument (though less so with the claim that blocking spam is censorship). Verizon's action displays exactly everything that could possibly be wrong with blacklists: vigilante justice that doesn't care how many innocents are trapped in the net.

Notified that my friend couldn't email me directly at my main address, I whitelisted him, as Verizon is advising its customers to do. But even with the blacklist turned on, he was able - with a little effort - to find a valid email address he could use to reach me. People trying to reach Verizon customers do not in general have this option. I should note, with great sadness, that the UK's Demon Internet, once a champion of net.freedoms, provides spam-blocking but no user-configurable controls beyond opt-in or opt-out, which I find shameful, especially given the ISP's history.

Fourth: my agent submitted me for whitelisting on January 19, and despite Verizon's claim that the problem should be solved within 48 hours, I'm still blocked.

It is utterly legitimate for Verizon to try to please its customers by cutting down the amount of junk they receive. Whether the Old Net likes it or not, most people want the junk weeded out for them, even if the anti-spam efforts inflict worse damage on the Internet than the spam itself does. There is a lot of pressure on ISPs to provide blocking. But there is no requirement for ISPs to be stupid about how they do it. Or greedy - Verizon's tech support told my agent she could be let out of the blocking if she paid to upgrade to a domain name of her own.

 Verizon could have done a number of things. It could have installed filters like SpamAssassin or Brightmail and given users individual control over what mail they chose to receive. It could have sent a letter or email to all their customers explaining that they were installing spam blocking and outlining what they expected to block, and given customers the right to opt in or out of the service. They could have used existing real-time blacklists, choosing ones that at least provide some information about what criteria they use to create their lists.

Instead, they blocked Europe and suggested that anyone who had a problem with that  "might want to make a phone call". Wonder how many of the people they've blocked are shareholders.