Saturday, October 31, 2009
What's with Hinet.net?
"Why is my ISP blocking Hinet.net senders?" someone asked on my contact form. I replied:
Hello [name], thanks for filling out the form. Your email address is on the sbcglobal.net domain. Most of those are outsourced by AT&T to Yahoo Inc. The rest are managed by AT&T internally.
I am fairly sure Yahoo and AT&T do not use my lists. Therefore, I have no control over whether you can receive email from Hinet.net senders.
The Hinet.net domain belongs to Chunghwa Telecom Co., Ltd. According to Spamhaus.org (very authoritative), Chungwa a/k/a Hinet is the #4 spammer service company in the world. Like most Asian phone companies, they take nationalistic pride in ignoring complaints from the West. (Mainland China and South Korea are equally imperious, and Viet Nam is even worse.) So lots of email systems in the West are blocking Hinet. It is not to make a political statement. We know Hinet does not care, and does not take protesters seriously. It is a simple mechanical defense against the ongoing spam attack by Hinet's spammers.
So you can tell your friends in Taiwan this:
Hinet is what we call a "rogue network." Hinet seems to believe the rules of the Internet do not apply to Hinet. As long as Hinet is on the Spamhaus top ten list, lots of networks all over the world are going to block email from there. Hinet needs to change the way it does business. That is not going to happen fast, so your friends need to use some other company for their email if they want to send reliably.
Best wishes. Sorry to bring you bad news.
-Me in San Jose.
Hello [name], thanks for filling out the form. Your email address is on the sbcglobal.net domain. Most of those are outsourced by AT&T to Yahoo Inc. The rest are managed by AT&T internally.
I am fairly sure Yahoo and AT&T do not use my lists. Therefore, I have no control over whether you can receive email from Hinet.net senders.
The Hinet.net domain belongs to Chunghwa Telecom Co., Ltd. According to Spamhaus.org (very authoritative), Chungwa a/k/a Hinet is the #4 spammer service company in the world. Like most Asian phone companies, they take nationalistic pride in ignoring complaints from the West. (Mainland China and South Korea are equally imperious, and Viet Nam is even worse.) So lots of email systems in the West are blocking Hinet. It is not to make a political statement. We know Hinet does not care, and does not take protesters seriously. It is a simple mechanical defense against the ongoing spam attack by Hinet's spammers.
So you can tell your friends in Taiwan this:
Hinet is what we call a "rogue network." Hinet seems to believe the rules of the Internet do not apply to Hinet. As long as Hinet is on the Spamhaus top ten list, lots of networks all over the world are going to block email from there. Hinet needs to change the way it does business. That is not going to happen fast, so your friends need to use some other company for their email if they want to send reliably.
Best wishes. Sorry to bring you bad news.
-Me in San Jose.
Friday, October 02, 2009
We seem to get blocked a lot. But we love our ISP! RFC-Ignorant.org.
A progressive activist mentioned to me that her organization's email tended to get blocked a lot. From her perspective, all these Internet companies (ISPs) are the same, and they're "warring" over spam emissions with nobody doing anything to clean it up. But we already know all ISPs are not the same. A single web query showed what was really wrong at her ISP. (I looked up her domain at the link four paragraphs down from here.) I replied something like so.
There is a simple, widely recognized standard for contact addresses. It was published by the technical governing body of the Internet a dozen years ago, and it only formalized a tradition that was a dozen years old then. The standard is called Internet Engineering Task Force RFC2142. It says if you run a domain where there are things that can be abused, you are supposed to have an "abuse" email address on that domain for reporting said abuse. And you're supposed to have "postmaster" for reporting email issues. It's common sense to have a standard for that, and the IETF is the body that publishes standards like that.
Now, people who have no idea how the Internet works will tell you that there are no standards, or no standards body, or the real standards body is some corporation (Google, cisco, Microsoft...) or "RFC just stands for Request for Comment, they don't really mean anything." But that just shows their ignorance. The Internet works because people who know what they are doing voluntarily comply with the IETF's RFCs, including 2142. It's the greatest demonstration of functional anarchy, as far as I know, in all of human history. A voluntary association of network operators who agree to run their networks so that they're all compatible with each other.
IETF RFC2142 is so important in tracking and dealing with email abuse that there is a clearinghouse which keeps track of domains that fail. Unfortunately, the volunteers who set it up chose its name poorly, so that people who don't understand how the Internet works don't take it seriously, or even take offense at its name! Nevertheless, RFC-Ignorant.org has outlasted much more corporate or "professional" operations like Mail Abuse Prevention System, Open Relay Database, and plenty of others.
My fellow activist's ISP's domain name is listed at RFC-Ignorant.org. In fact, I submitted the evidence for that listing! I do that when I can't figure out where to report spam from a network, because its standard contact addresses bounce my spam report. I report most of the spam that reaches my mailbox, maybe a dozen a day. (I use tools. It's quick.) I report one or two domains to RFC-I each day, on average.
She said, "But every week there are a couple of new [ISPs blocking us], or old ones that were once fixed that pop us again and have to be dealt with."
That's happening because her ISP has not been good at controlling spamming from its network. When the RFC2142 addresses don't work, or are listed as not working, you don't get the most detailed and timely reports. So you take longer to discover a spam source on your network.
Not that an RFC-I listing is the be-all and end-all of ISP ratings. But it tends to be a remarkably reliable indicator. Top-notch ISPs are hardly ever listed, with a handful of very large exceptions, while low-ballers and bumblers usually are.
Everybody gets in block lists occasionally. Verizon blocked all of Europe for a couple of weeks. But if it's happening regularly, your ISP really is doing something wrong.
Sorry if that's not what you wanted to hear.
There is a simple, widely recognized standard for contact addresses. It was published by the technical governing body of the Internet a dozen years ago, and it only formalized a tradition that was a dozen years old then. The standard is called Internet Engineering Task Force RFC2142. It says if you run a domain where there are things that can be abused, you are supposed to have an "abuse" email address on that domain for reporting said abuse. And you're supposed to have "postmaster" for reporting email issues. It's common sense to have a standard for that, and the IETF is the body that publishes standards like that.
Now, people who have no idea how the Internet works will tell you that there are no standards, or no standards body, or the real standards body is some corporation (Google, cisco, Microsoft...) or "RFC just stands for Request for Comment, they don't really mean anything." But that just shows their ignorance. The Internet works because people who know what they are doing voluntarily comply with the IETF's RFCs, including 2142. It's the greatest demonstration of functional anarchy, as far as I know, in all of human history. A voluntary association of network operators who agree to run their networks so that they're all compatible with each other.
IETF RFC2142 is so important in tracking and dealing with email abuse that there is a clearinghouse which keeps track of domains that fail. Unfortunately, the volunteers who set it up chose its name poorly, so that people who don't understand how the Internet works don't take it seriously, or even take offense at its name! Nevertheless, RFC-Ignorant.org has outlasted much more corporate or "professional" operations like Mail Abuse Prevention System, Open Relay Database, and plenty of others.
My fellow activist's ISP's domain name is listed at RFC-Ignorant.org. In fact, I submitted the evidence for that listing! I do that when I can't figure out where to report spam from a network, because its standard contact addresses bounce my spam report. I report most of the spam that reaches my mailbox, maybe a dozen a day. (I use tools. It's quick.) I report one or two domains to RFC-I each day, on average.
- Often you'll see RFC-I listings on "resellers" or "virtual ISPs," that is marketing organizations that put their brand on a wholesale ISP's service.
- Sometimes you see RFC-I listings on Microsoft-oriented ISPs. People who learned about Internet operations primarily from Microsoft (MSFT) training courses often have an "admin@example.net" address (there is no "admin" in RFC2142), but they don't have an abuse or postmaster address. There's a big overlap between those people and the ones spreading misinformation about the RFCs. A conspiracy theorist might imagine MSFT's public relations thing made sure that information was missing from MSFT's courses.
- Sometimes you see RFC-I listings on school districts. Sometimes it's a small business that let some consultant set up their email service and doesn't have anyone around who knows how it works. It's not so much a matter of can't afford staff, as not realizing an email setup needs to work by the rules of the Internet, and it takes some monitoring and testing to get there.
She said, "But every week there are a couple of new [ISPs blocking us], or old ones that were once fixed that pop us again and have to be dealt with."
That's happening because her ISP has not been good at controlling spamming from its network. When the RFC2142 addresses don't work, or are listed as not working, you don't get the most detailed and timely reports. So you take longer to discover a spam source on your network.
Not that an RFC-I listing is the be-all and end-all of ISP ratings. But it tends to be a remarkably reliable indicator. Top-notch ISPs are hardly ever listed, with a handful of very large exceptions, while low-ballers and bumblers usually are.
Everybody gets in block lists occasionally. Verizon blocked all of Europe for a couple of weeks. But if it's happening regularly, your ISP really is doing something wrong.
Sorry if that's not what you wanted to hear.
