At 01:11 AM 11/2/01 -0800, you wrote:

But I'm not behind a modem. I'm behind a DSL so the above really doesn't matter much. I know I could just as well use my ISP's mail server and maybe I'll change my configuration one day. But it seems to me that the MAPS DUL is treating innocent users as criminals, especially when they say "and use the equipment you're authorized to use." This means in their eyes I'm not allowed to connect to anyone's mail server myself since they are not part of the 'equipment I'm allowed to use'. I see this as an undue restriction of my freedom and this is what I think is wrong with MAPS DUL.

They are allowing only regular mail servers.

What's so surprising or immoral here ? Allowing others the right to use your property is not an all or nothing proposition; as an (hypothetical) example, I can refuse in general the right to people to use a way on my land, but allow an association to organize a walking at a specified date. That Mr X travels on my property as a member of this association does not give him the right to come any way and any times he chooses.

I'm more favorable to other forms of Spam prevention like MAPS RSS and ORBS. At least in these cases the servers being blocked are at a minimum guilty of negligence (by being open relays). In contrast, people using MAPS DUL are discriminating against individuals just because some might be spammers (they don't even claim there is a larger proportion of spammers among them). What if a big chain store refused to let you in because some statistics says you belong to a population group with a higher percentage of shop-lifters. 'But of course, feel free to shop on the web, it's more convenient anyway'. It's discrimination just the same and, IMO, the wrong way to tackle the problem.

I had just last week a real-life experience with this kind of setup:

Received: from unknown-fn4p2i6 ([192.76.183.3]) by mail1.asi.fr (8.11.0/8.11.0) with SMTP id f1AKZmN32007

(...)

Message-Id: 200102102035.f1AKZmN32007@mail1.asi.fr

(...)

Subject: CAN YOU ADVERTISE TO OVER 20 MILLION E-MAIL ADDRESSES?

I won't give you the detail on how to use a Paypal account after which I would (eventually) get a Web address to download the evil stuff ;-). Very probably a complete crook.

As you see, I get this interesting proposal from an IP address (192.76.183.3) that is not responding to a nslookup query. So I guess it's probably a rogue mail server on ADSL. Now, I have sent a mail to abuse@verio.com, but I am not sure it will do much good : this guy has probably registered under a false name and with a stolen credit card, so after he get kicked out by verio (if it happens at all...) he will just get another IP address from another ISP (or the same) and get back at its game.

IMHO the main problem is that this kind of mail server is almost anonymous. Not as much as with relay mail, but my ISP takes care of that. If there was a regular Internet domain for the mail server, there would be *some* serious business information and as such some responsability.

Gerard