[CLUG] Administrators can be so rude!

[Ronan Kirby]

<rant>

Its Friday, its raining (where I am at least), I've a head-cold and I
feel like a good old rant! So thats exactly what I'm going to do...

                  * email white-lists  *

Admittedly spam is an ever increasing problem. On an average day I
'receive' in the region of 150 unsolicited emails per day, across the
main accounts I use. That does not include accounts that were ever used
for Usenet* postings. So as we already know, administrators need to
tackle this ever increasing problem.

To facilitate this there are some absolutely fantastic tools out there
for addressing this problem. Of course everyone here will be familiar
with SpamAssassin, not only are its roots firmly bedded in Ireland, but
its the facto standard for anti-spam today. On top of that there are
myriad of accompanying tools and applications to allow you enhance and
refine your spam protection.

Of course like any application, SA and other such tools need to be
installed and configured. Its not hard really. In fact, it has been made
very easy in recent years. Some of the better Linux distributions even
ship it! So even the greenest of Linux enthusiasts are going to be able
to get it up and running in the shortest of times.

But then again, logging in to an O/S is not for everyone. There are
those who prefer the 'appliance' route - not a problem, there are a host
of companies who would be only too delighted to sell you their plug and
play solution to spam. Best not ask what it runs though, in case you get
buyers remorse. However for the most part these appliances do a
perfectly good job of filtering spam for the touchy-feely among us who
prefer something tangible rather than some Free software.

In addition to dealing with spam thats already been delivered, there are
initiatives to prevent such messages even getting that far. The Sender
Policy Framework (SPF)** is wonderful method of verifying if mail
servers are actually allowed to send you the mail they are trying to
deliver. As its popularity and use grows, it will go a long way toward
lowering the spread of spam, viruses and worms. Plus, as a result of the
afore mentioned, it will also lower the load on IP links as the
verification takes place before any message data is transferred.

Why then is it that people, companies and organisations all of a sudden
start using 'email whitelists'? I mean C O M E  O N!!! In the name of
what ever God(s) you believe in, how ignorant rude and stupid can you
be? The cheek of someone when sending them a mail to expect you to read
a bounced message, go to a website, fill in your details, wait for an
acknowledgment and then send mail your mail again! Not only is it
downright rude, but it makes a number of chronically bad assumptions!

To begin with, it assumes that when Joe Bloggs receives a mail from
"Mail Delivery Subsystem" they will read it. There was a time when fair
enough, they were so rare you would. But nowadays your common or garden
user is not likely to. So the message from "Mail Delivery Subsystem"
asking them to visit your website to register for the privilege of
sending you an email in the first place will often go unnoticed or
unread.

Next you assume that the user has World Wide Web access. However email
is increasingly just a tool. One which some companies and organisations
decide to give to staff based on a requirement. Companies and
organisations are nowadays far less likely to give people "full
Internet" access. So there is an ever increasing chance that the person
you are asking to register for the privilege of sending you a mail,
couldn't actually do it even if they were so inclined!

Then you have the people who do see your request to register for the
privilege of sending them a mail, who do have full Internet access, but
frankly couldn't be bothered! There are many hugely differing reasons
why one might not be bothered. The fact remains though this is often the
case. Maybe the person was just popping a quick message, or quick note
of interest to you. Something they don't consider important enough to
warrant registering for the privilege of sending you an email - who is
loosing out? You! Maybe the person sending you the mail is a grumpy git
who thinks that if you couldn't be bothered taking the small time
required to implement a proper anti-spam solution, maybe they couldn't
be bothered taking the time to register on your bloody system you rude
so-and-so *ahem*. There are heaps of other, possibly more likely
reasons, why people simply won't register.

The long and short of all of this is that your likely to loose large
amounts of genuine mail as well as blocking spam. Yes, many people will
of course register. But there are many who will not, for what ever
reason. Ultimately you are the one loosing out and not receiving
genuine, potentially important email.

So get off your behind and when you start to tackle spam, do it in a
proper (and polite) manner. Its not hard! I was dismayed recently by
seeing the afore mentioned system in use somewhere I would never have
expected to see it. Somewhere with first class technical expertise and
expert understanding of such things. But alas, have reverted to using
email whitelists. For shame people, for shame!

</rant>

* A wonderful thing that was widely used before people started trying to
squeeze everything down the one port. ;-)

** If your not already using it, plan to! http://spf.pobox.com