Some members of GeoCities, the self-proclaimed "largest community on the Web" and provider of email and Web pages, may have had trouble sending messages lately. That's because early last week, the company was subjected to the same anti-spam boycott that recently confounded the Microsoft Network and Netcom Communications.
"GeoCities has open relays, refuses to close them, and doesn't answer our mail," said Paul Vixie, a California consultant and engineer who runs a powerful anti-spam boycott called the "Realtime Blackhole List."
On 15 June, GeoCities was added to that list -- which usually blocks outgoing email at the afflicted site -- for what Vixie and his team allege is the company's failure to prevent abuse of their systems by spammers. This usually means all mail sent from the afflicted domain bounces back to senders undelivered, leading to a flood of angry and confused customers.
But, because of the way GeoCities has set up its free member mail, the company has been largely unaffected. Until GeoCities was contacted by Wired News on Tuesday, company officials were unaware that they had been on the list for nine days.
The Realtime Blackhole List is a last-ditch boycott scheme designed to reduce spam. It is a free, opt-in service subscribed to by volunteer Internet service providers and network administrators worldwide. The list is used to configure a network so that sites used by spammers are automatically blocked from communicating with that network.
Since thousands of ISPs around the world voluntarily configure their networks with the black hole, and email typically traverses multiple networks before reaching its destination, a member of a black-holed site is usually cut off from from sending email to thousands -- if not millions -- of users worldwide.
Vixie condemned GeoCities to the black hole because his team found that it facilitates "third-party spamming," where spammers can use GeoCities' mail servers to launch floods of unsolicited email.
In the early days of the Net, open relays -- mail servers that invite anyone to connect and relay messages through them -- were the norm. But spammers have taken advantage of these open relays, causing most sites to block outside access. To many a spammer's delight, GeoCities is not among them, though Vixie says that closing the relays is a straightforward process that could be done in minutes.
"I don't know if they allow their users to send out spam, but the black hole was triggered by their lack of response to mail sent to abuse@geocities.com," said Vixie. "One assumes that if their users were spamming, they would refuse to answer mail about that, too."
But while Vixie claimed that GeoCities hadn't been answering its mail, nobody at the company seemed to know that they'd been added to the list.
"I'm sure that our people are aware of [the black hole]," said David Bohnett, GeoCities founder and chairman of the board. "We may even be using it to block spam ourselves."
GeoCities member Doug Berger said that he's not having any trouble at all with his email, since he now uses his regular ISP to send out mail -- as requested some months ago by GeoCities.
"[GeoCities] said at the time they were having problems with spamers using their mail server, and they planned to shut down the outgoing mail part of the server," Berger said. "They told us to switch our [outgoing mail] server to our ISP if possible, or use one of the Web-based email services to send mail," he said.
Vixie said that his team is not recieving the usual swamp of complaints that come with black-holing a service as large as GeoCities. He said his team is only hearing from roughly seven of the site's members a day.
Still, the black hole remains in effect. When told that he was on the list, Bohnett said that GeoCities is always right on top of such matters. "We're constantly improving and adding additional technology for spam filtering. Absolutely.
"We have very deliberate content guidelines," Bohnett said. "[GeoCities is] the largest community on the Web, and we specifically prohibit spam. We have an alert department that's been in place for quite a while that deals with that."
Three days before being black-holed, the company filed with the Securities and Exchange Commission to sell US$72 million worth of its stock to the public in an initial public offering. The section of the company's prospectus dealing with risk factors mentions spam as a liability.
"The Company also offers email services, which exposes the Company to potential risk, such as liabilities or claims resulting from unsolicited email (spamming)," the filing said. "... [T]he imposition on the Company of potential liability ... may require the expenditure of substantial resources and limit the attractiveness of the Company's services to members and users."
When Wired News informed Bohnett on Tuesday that the IP addresses for GeoCities' mail servers were still listed on the black hole, he said he would be sure to speak to Vixie and straighten things out.
Minutes later, black-hole volunteer Dave Rand said that GeoCities had called Vixie's team and that GeoCities was trying to figure out how to deal with the problem.
The mystery, for some observers, is why an outfit the size of GeoCities would have allowed spam abuse to have occurred in the first place.
"It surprised me that their mail servers would be set up to relay, because it's pretty standard now to shut the mail servers off of relay," said Jeff Field, CEO of NameSecure, a partner with GeoCities in providing email and domain forwarding for its members. "I'm trying to think ... why their mail servers wouldn't be buttoned down, but I can't...."
So far this year, both Netcom and the Microsoft Network have had to cope with being black-holed, with all its attendant headaches. But Vixie said that large services are slow to learn from experience.
"In fact, we're going to have to make those rounds more than once. Human nature has a big laziness-avoidance ingredient."
