Once More Round the Bend -Monday, April 26, 2004 -3:58 am-
OK, it's computer education time again. Please read it anyway.
Spam is a problem most people have to deal with because other people are assholes. One of the ways admins have chosen to deal with this is a concept called blacklists. Blacklists are a list of servers on the internet known to send spam. The mailserver will refuse to accept mail from any server on the blacklist. Effectively, the server drops off the face of the earth. All email, spam and letters from grandma, is rejected if it comes from a server on the blacklist. Originally, the idea was employed on a company by company basis with each admin developing their own blacklist. Since lazier is better, someone eventually got the idea to collect all the blacklists into one big list and then let admins around the world download it so that the local admins didn't have to work as hard. In doing this, the local admins gave up control to a set of people they did not know and over whom they have no authority. This, too, worked ok at first. The problem was the spammers caught on and decided to change server addresses faster than the uber-blacklist could keep up. In response to this advance in the arms race the blacklist maintainers began to block classes of addresses. Ooofff, we need a short summary of classes here. When you type in a server name the computer doesn't care about the words it resolves it into an IP address. There's a little bit about that in this previous blog entry. The IP address is four three-digit numbers (if there's leading zeros you can pop them i.e. 065 is 65) in the form 111.222.333.444 For instance, as of this writing the IP of this blog's server was 65.31.10.28 A class is a range of IP addresses. There are three classes of IP addresses that differ in how many addresses they cover. A Class-C is the smallest, it just varies last number of the IP address. So all numbers, for instance, from 192.168.8.0 to 192.168.8.255 (extra points to anyone not Aaron or Owen who knows why it's 0-255). Another way we can write that is 192.168.8.* because the * character means "everything that could go here". A Class-B holds a much bigger number of addresses because the last 2 numbers in the IP address change. In other words a Class-B might be 172.16.*.* Finally, a Class-A is the biggest of all. It holds A LOT of addresses because all but the first number can vary. Or, in our little notation, 10.*.*.* Ok, back to the main point. As spammers got smarter, the began to jump addresses faster than the uber-blacklist could be updated and passed out to mailservers all over the world. So the blacklisters started blocking entire classes of addresses. Let's say a spammer was bouncing around in the Class-C 111.222.333.* so on any given day he could be 111.222.333.444 or 111.222.333.456 or whatever. The entire Class-C gets blacklisted this means the spammer plus 254 other servers are now blacklisted. In response to this spammers started bouncing around Class-Bs which means to blacklist a spammer, you block him and 65,533 other servers. We've now reached the point of blacklisting Class-As which kill 8,257,284 servers at a stroke. Now, obviously, if you blacklist a Class, you're refusing communication from WAY more normal users than spammers. The people who run the uber-blacklists and those that use them will tell you that by hurting innocent bystanders (a.k.a civilians), you put more pressure on the service providers who's networks the spammers (a.k.a. the enemy) ride on to get rid of the spammers. It means that hundreds of thousands of people get denied the ability to communicate to silence a few spammers. In essence, grandma's email becomes collateral damage.
Today, the entire nation of Spain was blacklisted.
There's a term for using the harm of civilians to influence policy to combat your enemy. It's called terrorism.