Yesmail Gets Restraining Order Against MAPS Blacklist
Spam & E-Mail7/17/2000; 8:45:43 AM This requires a lengthy explanation to understand. If you already know what the Realtime Blackhole List is, skip to the meat.E-mail was the Internet's first killer app. It dates all the way back to when the Internet was an academics-only network, where anybody online could probably be trusted to not abuse the system. Thus, the early protocols didn't always concentrate on security as much as might be expected today. E-mail servers were all what are now known as open relays, which means anybody could send an e-mail from the server without explicit permission. That mail would be indistinguishable from mail sent by local users of that system, because both local and foreign users were sending mail in identical fashions.By contrast, a closed relay requires verification of permission to send e-mail. This prevents non-local users from sending e-mail that looks as if it originated at the system.Today, open relays are the Internet's Gift to Spammers. Using an open server, any spammer can send out thousands upon thousands of mail messages, using somebody else's resources, and be difficult or impossible to trace, as all attempts to trace the spammer back to the origin would end at that mail server, unconnected to the real spammer.Combatting this is the most common function of the Mail Abuse Prevention System Realtime Blackhole List, though not the only function. The RBL is a list of all known sites that are spammer friendly, either because of overly-permissive policies at an ISP, an open-relay mail server, a site that sends out too much spam, or other reasons.MAPS sends a warning to the adminstrator of a server before listing it, and gives the admin time to correct the reason the server is being listed. My workplace has recieved such a warning for accidentally running an open relay... and we were quite pleased to recieve such a clear warning that spammers could use our mail server at will. Since the RBL system functions based on complaints, that means that it probably had been used by spammers, costing us time and money. We happily closed the hole and notified them that we had. After checking, they took our name off of the potentially-blocked list. This is a valuable public service.The subscribers are free to use this list in any way they choose (MAPS does not impose any sort of usage requirement, it's just a public service), but many, if not most, use it to block all e-mail coming from those servers... legitimate or otherwise. As a result of this common practice, for the first time in their long existance, MAPS are being sued by a company (Yesmail.com) for being listed in the RBL. Yesmail.com has won a temporary restraining order (which in this case is appropriate, BTW).I wanted to go into detail about the RBL so you could understand the issue. Yesmail.com contends that such a listing will interfere with their contractual obligations to send out spam (not that they phrase it that way 
). However, you must understand that MAPS simply provides a listing, which itself does nothing. The subscribers are the ones doing the blocking. This dichotomy means that Yesmail.com is contending that one of the following must be true:
- It is illegal to define what a spammer is, and then communicate to people that a site conforms to this definition of a spammer. (Yesmail.com claims not to be a spammer, but in lieu of a legal definition of the term, their definition really has no more force then MAPS's definition. And by MAPS's definition, they are.)Obviously, this would really limit the free speech rights of MAPS. It can hardly be libelous to say "Yesmail.com uses an opt-out system for marketing e-mail", which is what the RBL listing is saying... and that's all the RBL entry is saying. The listing implies no action. (Some sites merely mark mail as suspicious, allowing users to easily filter it out.)
- It is illegal to block mail from a site. Really, the fact that it happens to be the RBL in this case is irrelevant. What it would really boil down to is that you have a legal obligation to recieve e-mail from any and all sources, at cost to you. Extended more generally, you have a legal obligation to 'listen to' all communication directed your way electronically.Note: If spam was cost free to the end-user I'd agree that using the RBL to completely block mail would be wrong... but as it does costs the user, the admins are merely acting on behalf of the user, who I believe do not have the obligation to recieve any given communication.Admittedly, in this case they would be suing the wrong party, but much like the RIAA suing Napster, they are going after the central party for the activity of the end-users (mail server admins in this case), so it's not like this sort of legal idiocy doesn't have precendent.