Keeping afloat in a binary ocean

Micro-rant:

One of my pet peeves as a guy who likes to say his piece online is the number of really interesting and useful technologies / ideas completely ruined by lazy attempts at marketing by even lazier “salesmen” and marketers.

Look at email – DKIM/SPF/DNSBLs/greylisting just to keep the signal to a sane level. I don’t accept IM’s from contacts not already vetted and authed, I’d be flooded..

Social media is no different, alas. I have accounts on both Twitter and Identi.ca and the former attracts enough bot followers that I routinely clean them out (no for the nth time I don’t want to see Britney naked; we’ve all seen it and we’re still paying for the eyebleach. Cheers)

Getting it right takes only a little  effort. Lauren Cochrane, an old colleague of mine who now works for the RSPCA nails this on the head – you need to balance your “brand” with being human ; don’t fail the Turing test.

While it’s easy to write up a bot to spruik a message cheaply and efficiently (especially to services with a free, public API like Twitter or Laconica, although thankfully identi.ca/Laconica aren’t as badly affected) it’s a huge turnoff for a lot of people and ineffective – the sign of laziness / ignorance in my rarely humble opinion. If your product / “brand” has real worth then it should be very easy to talk about it earnestly and openly and give it a bit more depth – Lauren cites commenting and relaying information relating to your interests, even a few pics here and there just to assure your community you don’t end in .sh 🙂

Be interesting, discuss useful ideas, show you’re the real deal and they’ll come – something that F/OSS communities are also very good at. Are you reading me via Fedora Planet? See the posts above and below mine? These are great examples – a potpourri of diverse people, places and posts not essentially directly free software or Fedora related. The community works well and brings in more people simply because it has this depth, it’s not strictly dry technical talk.

If you can’t do that with your product / “brand”, then go buy a sandwich board / billboard we can choose to ignore if we want to while we go about our business. There’s enough noise in traditional advertising without adding to it here, there’s no need to force a broken old model on a medium built in an essentially polar-opposite fashion.

Other stuff:

I seem to have a spam dry run – for the first time since I started using email (1994, I’m a relative newbie) I have 0 spam in my junk folder. Either I have achieved some sort of email enlightenment, my setup is too hardcore for current spammer tricks or something is horribly wrong. The irony is that my secondary MX has no greylisting or spam filtering on it yet – just when you think you’ve seen it all something can still surprise you.

As heretical as it sounds I may have to lay off the caffeine, as my poor old brain doesn’t seem to cope well (beware the wired sysadmin!) plus for some reason instant coffee makes me sleepy (hey, that’s not meant to happen! Stimulants anyone?) Fortunately I dislike anything that I haven’t ground myself or at least been beans recently.

Any suggestions for good quality green tea are welcomed 🙂

Vale SORBS, we’ll hardly miss ye…

SORBS is on death’s door.

I can’t say I’m unhappy to see this or i’ll miss it when it’s gone. An arbitrary definition of “spam” is not so good; providing almost no information to administrators and end users is just plain poor and demanding a “donation” for removal is just plain bovine excrement.

Something I learned from my formative years as a neophyte mail admin-in-training on news.admin.net-abuse.email was that if you wanted to run a blacklist and be taken seriously, you need a fair deal of transparency (ie provide info on why/how a server got listed and a means to resolve the issue) and fairly sane and personable demeanour, and a clear and stricly enforced policy on listing.

Unfortunately SORBS failed all of these in my experience.

One of my old jobs was to handle abuse@ at a Large Australian Hosting Provider (now part of MelbourneIT) along with my regular systems admin / support duties.

Alas, as unfortunately happens in large network / hosting ops, a customer spews some junk. We found and terminated the perp, but not before getting blacklisted.

A quick check of the major lists found the evidence / reason for listing and after informing them that we’d resolved the issue removal was quite swift.

But not SORBS. After jumping through a couple of hoops to find out how / when the servers got listed, no evidence for it’s addition was found aside a single “Recieved:” email header – which is easily forged (and at the time quite popular with spammers to confuse less experienced users/admins)

Our request for more information was met with little more than “I have proof, but I’m not sharing any more” and removal was met with “Donate to the fund supporting Mr Anti-Spammer, who’s being sued for defamation by WeSpamYou Pty. Ltd and I’ll remove it” (names spared to protect the innocent).

W.T.F? Of course the answer was “no” (with the backing of management) especially after I pointed out the case had been settled, in the anti-spammer’s favour. This was changed to a “donate to $charity” after I reminded Mr/Ms Sullivan of that fact.

It still didn’t act as a deterrent (even Legal pointing out that it’s potentially extortion didn’t work!) so I just gave up and stopped bothering with him. You know what they say about arguing with an idiot – they bring you to their level and beat you with experience.

Henceforth, I’ve been advising mail administrators not to use SORBS zones. Customers getting bounces mentioning SORBS got a boilerplate response outlining the situation and why using opaque and arbitrary lists are a Bad Thing (worded appropriately for on-forwarding to ISPs as applicable). I don’t recall ever getting one complaint, as most of the major ISPs here didn’t use it to block mail anyway and smaller players generally got the message once made aware.

There are far better alternatives that don’t generate so many false positives, catch more genuine spam and don’t shake down mail admins / abuse guys for removal. I personally use zen.spamhaus.org for my DNS blacklist needs and it’s never let me down in over 6 years (tied into a multitude of Postfix and Exim installs for small and large mail providers alike)