Author Archives: Bruce

A Dynamically Colored Map

This is a very simple program that I wrote that lets you dynamically modify the colors of images. I wrote it mainly for fun to provide a neat mapping feature to the website Where’s George? that lets users track where dollar bills travel around the US and other countries. Since I’ve heard from a number of people asking for details as to how I did this I decided to make the code available for free under the GNU GPL, so here it is…

What this code lets you do is create a map of the US like the one below in which the color of each state can be changed dynamically. If you look at the source of this HTML page you’ll see that this isn’t just a static JPEG but instead is made by a call to a CGI script that defines the colors for each state (with gray being the default):

The URL for the above image is :

http://bruce.pennypacker.org/cgi-bin/map.pl?CA=1&NY=2&FL=3&TX=4&NE=5&ND=6&IN=1&WA=2&VA=3&SC=4&AK=5

Feel free to cut & paste the URL into your browser and change the values. You can set any state using the abbreviations in the map to any value between 1 and 6. The program lets you set colors to any RGB value but for simplicity and security the CGI script only defines six colors.

Source code for the program can be downloaded here.

NANAE FAQ

Your First Post To NANAE
Before you create and send your first posting, please read the following
Section 1
Avoiding Mistakes
Section 2
Block Lists, Posting Advice, Blocklist History, SPEWS Mini-FAQ
Section 3
Welcome to the newsgroup news.admin.net-abuse.email, known as “nanae”!
Executive Summary: Avoid the common mistakes of new posters, carefully consider your Subject: line before posting, don’t panic (even if you are angry), and be aware of the skills, knowledge, and in-jokes of frequent participants. Do a little research before you post, and be ready for a wide range of responses once you do post. If time is of the essence, you can skip the Cultures and Characters sections at the end of this document and view either:
Please read before posting! The purpose of this FAQ is to prepare you to “look your best” when posting to the group. None of this advice is mandatory, but it will assist you in receiving the best possible response to your message. Since knowledge is power, you are encouraged to “power up” before posting by checking out the following information.
Take a deep breath and count to ten before you compose your message. Coming to NANAE making threats is like charging into a warehouse full of leaking gasoline, blasting powder and dynamite with a flame thrower and being incinerated as the warehouse goes up with a colossal ***FOOOOMMMM***, accompained by a rain of popcorn.
If you are uncertain that your topic belongs in news.admin.net-abuse.email, please take a few moments to read the POINTER: ALL THESE NET-ABUSE GROUPS! WHICH ONE SHOULD I USE? FAQ
Avoid These Mistakes
  • Do not use the word “SPAMTM (all capitals), although “spam” and “Spam” are acceptable. “SPAMTM” is a trademark for Hormel processed meat. If you use “SPAMTM” to refer to unsolicited advertising email, you will be razzed as a “clueless newbie”.
    http://www.hormel.com/
  • Do not confuse spamming with marketing. Marketing is the process of promoting, selling, and distributing a product or a service while spamming is trespassing into a private email box. If you insist that spamming is marketing, you will be razzed for being a Marketoon — a lunatic posing as a marketer.
  • Do not post your answer at the top of the quoted posting. Most viewers read from top to bottom and will miss the flow and context of the discussion if they read your answer before they read the previous poster’s question. If you do add your comments to the very top of a quoted message, you will be razzed as a “Top Poster” and you might be razzed as a Microsoft-centric lemming since Microsoft products encourage non-standard top-posting.
    http://www.geocities.com/nnqweb/nquote.html
Dave: Oh! Now it makes sense to me. Okay! No more top-posting for me!
Bob: It’s annoying because it reverses the normal order of conversation. In fact, many people ignore top-posted articles.
Dave: What’s so wrong with that?
Bob: That’s posting your response *before* the article you’re quoting.
Dave: People keep bugging me about “top-posting.” What does that mean?
A: Top posters.
Q: What is the most annoying thing on Usenet?
http://www.mindspring.com/~frites/repl.htm
http://www.netmeister.org/news/learn2quote.html
http://www.geocities.com/nnqweb/nquote.html
  1. Do not accuse the posters of being Net Cops, Dot Communists, Anti-Commerce Radicals, or other defamatory names. Insulting regular posters to the newsgroup will not help you get your point across or draw you sympathy or assistance. Most of the posters here are system administrators, and it’s their job to enforce the Terms and Conditions of Internet access on their machines. If you mischaracterize their efforts in this manner, you will be razzed as a spammer, spam apologist, or spam supporter.
    http://www.faqs.org/rfcs/rfc1855.html
  2. Do not threaten legal action in your first post unless you have checked with an attorney. (Hint: if you speak with an attorney first, you will be advised not to annouce your intent to file a legal action). Spammers often threaten lawsuits, and The Nanae have come to regard such bluster with well-deserved cynicism. Existing case law regarding resistance to spam is nicely summarized in the CompuServe vs. Cyber Promotions Consent Decree, and you are encouraged to read it thoroughly and show it to your attorney before threatening legal action. If you choose to wave around legal threats and spout official-sounding mumbo-jumbo, you will be razzed for making “cartooney” threats, for attempting a SLAPP Suit, or for actually being a cartooney.
  3. Do not make references to Hitler, genocide, 40’s-era Germany, Nazi (including “Net Nazi”) or any other totalitarian remark. It shows a gross misunderstanding of the resistance to spamming as well as a gross misunderstanding of the holocaust of World War II. “Godwin Invoked” as a response to your posting means you have reduced the thread to irrelevance (see “Godwins Law” in the terminology FAQ). You will be razzed for your rather spectacular lack of comprehension if you use this style of argument.
    http://home.att.net/~marjie1/Glossary.htm
    http://www.ncf.carleton.ca/ip/freenet/subs/complaints/spam/jargon.txt
    http://www.tuxedo.org/~esr/jargon/
  4. Do not demand results by a certain date or time, or use similar attempts at intimidation. Nanae is not your personal helpdesk. If you do make demands, you will be razzed for attempting to control a situation over which you have no authority.
  5. Do not accuse the frequent posters to this group of being a part of some secret society that seeks unilateral control of the Internet and/or seeks the deforestation of the world’s precious natural resources by encouraging the use of postal advertising paper mail while simultaneously discouraging the use of email. You will be razzed by agents of the Lumber Cartel (tinlc) and members of the Internet Cabal (tinc), two fine organizations that do not exist and which do not have official web sites at the following URLs:
    http://lumbercartel.freeyellow.com/
    http://www.cabal.net/
    Notice: Not affiliated with Villain Supply Dot Com
  6. Do not post information about an alleged spammer and say “Go Get Them!” Nanae is not a lynch mob and does not take official action on a group basis. Antics such as mailbombing, cracking, fax overloading, and excessive calls to a spammers toll-free number are abusive, illegal, and counterproductive because it reduces you to the spammer’s level. If you do make such a request or encourage others to engage is such activity, you will be razzed as a “lazy bum” (not in the terminology FAQ) and/or a “slacker” (also not in the terminology FAQ) for making others do your work.
  7. Do not masquerade as an anti-spammer while posting with a pro-spam attitude using two or more different email accounts such as Yahoo or Excite. You will be razzed for being a “sock puppet” for a die-hard spammer.
  8. Do not bother saying, “I hate spam as much as the next guy, but you folks are doing everything all wrong.” If you do, The Next GuyTM will show up and remind you that he hates spam much more — and the remaining posters will razz you for misidentifying yourself as an expert or as a know-it-all.
  9. DO NOT SHOUT IN YOUR POSTINGS USING ALL CAPITAL LETTERS! It is NOT NECESSARY and actually INTERFERES WITH READING. If you SHOUT EXCESSIVELY in your posting, you WILL be RAZZED for using mommy’s AND daddy’s computer withOUT their knowledge and consent.
  10. Do not accuse The Nanae of “not having a life” or characterize them as “geeks who can’t get a date” or suggest they use their free time to “save the planet”. If you do, you will be razzed as a spammer who got caught and subsequently lost their Internet connectivity, usually accompanied with descriptive language cheerfully discussing the thorough and complete flattening of various critical body parts utilizing a wide variety of modern industrial tools typically found in a well-equipped auto body shop.
  11. Do not use the term “Double Opt-In” when referring to the confirmed opt-in process since the confirmation step is not an opting step. Spammers generally skip the confirmation step entirely by requiring an email address to be entered twice on a web form instead of verifying that the owner of the email address actually signed up. If you do use the term “Double Opt-In” you will be razzed for engaging in “spammer-speak”. Followup replies will ask if you “Double-Answer the Phone when it rings”.
  12. Do not assume a concensus of opinion from any one posting. Anyone can post any opinion and masquerade as any thing they want. If you’re looking for help, you’ll get help. If you’re looking for a fight, you’ll get a flamefest. If you’re looking to defend self-centered email policy decisions in an environment that is cooperative by its very nature, you can expect to be jointly and thoroughly razzed for being part of the problem. In the words of many a poster, “Welcome to Usenet.
Finally, take the time to read the group for a week or so to get a feeling for the mood of the posters and their responses to other messages. You may also find that any questions you were planning to ask have been answered in various message threads.
Also: If you find yourself somewhat bewildered at the apparent contradictions sprinkled throughout this document, you are making great progress and are almost ready to create your first posting to the newsgroup! When you are comfortable with these contradictions, you will be ready to contribute to the ongoing discussion.
Posting Advice
The Subject: Line
The “Subject:” Line: is the most important part of your posting. Given the large amount of traffic in the group, your message may be ignored by those who are short on time if your subject is not clear and descriptive. Generally, the subject should clearly summarize your key point, even if it “gives away” your message. Example subject lines:
Example 1
Bad Look at this!
Better Spam header shows recursion!
Example 2
Bad Hey, SPEWS
Better [S-4182] domainname.com Does Not Spam!
Example 3
Bad Nice URL
Better [ OT ] “Daily Bikini” Start Page
Be Calm, Don’t Panic!
If ISPs are rejecting your email you are understandably upset. Before you post, keep this clearly in mind:
Don’t post anything to Usenet that you wouldn’t have on your résumé.
Consultants have been censured and employees have been terminated for ill-considered Usenet posts. Embarrassing public apologies/retractions have been posted after “counselling” from employers. Prospective Employers, Enemies, even your Grandmother can read anything you ever post at http://groups.google.com/groups. This message archiving service is free, goes back 10 years, and is available 24/7 to anyone with a web browser. So remember:
DON’T POST ANYTHING TO USENET THAT YOU WOULDN’T HAVE ON YOUR RÉSUMÉ because Usenet is used by more & more employers as *part of your résumé*.
Block Lists
MAPS
The Mail Abuse Protection System was one of the first public lists of known spam sources available to all ISPs. It had a policy of accepting “nominations for listing” which was followed by an attempt to educate the abuser. If education was unsuccessful, the nomination for listing was approved.
  • Getting off the MAPS List: Contact MAPS and explain that you have a plan to correct the situation, then follow that plan.
SPEWS Mini-FAQ
The Spam Prevention Early Warning System is one of many public lists identifying known spam sources. It is also one of the most controversial and effective lists available to Internet Service Providers for controlling the inflow of unsolicited advertising email. If you’re posting about a SPEWS listing, be sure to include the record number (S-nnnn). This will ensure the best response and help to conserve valuable administrator time. Keep in mind, however, that the group cannot remove you from any particular list, but what you will get is the best advice on how you can help yourself out of the situation.
  • Getting Off The SPEWS List: “If you are not the administrator of the IP address(es) in the SPEWS list, then you should contact your ISP in order to attempt to resolve the problem. When you contact your ISP, they will need a copy of the bounce message which you received and/or other evidence of the problem. Be sure to include the IP address which was rejected. Let them know that it is on the SPEWS list and give them the URL of the lookup form.” From the SPEWS FAQ. Need more information? Check out the DeSPEWS page.
  • Why the large IP range? If the netblock is used for dialup connections, that means the spammer gets a different IP number with each spam run since IP numbers are dynamically assigned. If IP numbers in the block are statically assigned by the block owner, the range is large because the block owner will tend to move a spammer from one IP number to another within the same block and then annouce “We have removed the customer at IP number xxx.xxx.xxx.xxx”, hoping that people won’t notice the offending customer hasn’t actually been terminated.
  • Clerical Errors happen from time-to-time, causing accidental listing of IP addresses not associated with spam supporting upstream providers. Fortunately, SPEWS personnel read news.admin.net-abuse.email and have quickly corrected mistakes in the past. To address the issue, your posting should show that your upstream provider is not a spammer & you are not a spammer. In the Subject: line, mention SPEWS, the S-record number, and “Listing Error” for the best results.
  • Summary of Frequent Answers about SPEWS:
    1. YOU aren’t listed, your provider is listed.
    2. YOU can’t get unlisted, ONLY your provider can get unlisted
    3. Spews does not take emails, send emails, or otherwise communicate. Any discussion with SPEWS would be unproductive, since the requirement for delisting is the removal of the spammer identified in the evidence record, something only your provider can do. In other words, it is better to discuss with your provider, who is listed, and not SPEWS.
  • Summary of Frequently Offered Solutions are:
    1. Live with it.
    2. Move to another provider
    3. Get your provider to boot their spammers and the listing will eventually go away.
  • Questions relating to the Frequently Offered Solutions (“How Do I Find A Non-Spamming Upstream?”, “Why would my provider listen to me?”, “What evidence will I need to provide to my upstream so they’ll take action?”, etc.) are reasonable and are welcome in the newsgroup.
  • Qualifying A New Service Provider (Courtesy of John Elsbury in nanae): Here, for the benefit of the innocent, is a sample set of questions that a prospective purchaser might ask the hosting company as part of the “due diligence” process.
    1. What is your policy regarding using your facilities for sending unsolicited commercial e-mail, hosting sites and email accounts (including redirectors) advertised in this way, and any other activity which might cause IP addresses in your range to be publicly blocklisted?
    2. Do you have a functioning “abuse” and “postmaster” addresses and is correspondence to them promptly dealt with by a live human?
    3. Is all your contact information currently published on the Internet and held in domain registries accurate and complete?
    4. Are the IP addresses you will allocate to me currently on, or have they ever been on any public blocklists, including those listed at http://www.osirusoft.org ?
    5. Have any other IP addresses hosted by yourselves ever been on any blocklists or are they now on any blocklists?
    6. What guarantee can you offer me that the IP addresses to be allocated will not later be blocked or become unusable as a result of acts or omissions on your part, and what actions would you take (or what contractual adjustments will you make) if this situation does occur?
Brief Blocklist History
Courtesy of Frederick, the Amateur Spam Killer in news.admin.net-abuse.email
1. AGIS decided to be a spam-supportive major backbone provider in the early days of the spam wars. As long as the spam was sent from some other ISP, AGIS would not pull the spamvertised site. The result was that hundreds of individual ISP admins put pieces, and eventually 100%, of all AGIS netspace into their blacklists, with a note not to remove the blacklists until the heat-death of the universe. AGIS, therefore, died the death of a thousand cuts.

2. MAPS (Mail Abuse Prevention System – www.mail-abuse.org) was eventually set up with the idea of educating the $BADISP on the evils of spam, and then eventually listing pieces of their customer’s IP space in a blacklist. It was ultra-conservative. You had to send complaints to the $BADISP, make phone calls, etc, before submitting a nomination to MAPS for inclusion into their blacklist. When it was done, one or two IP’s were included, which did essentially nothing to encourage the $BADISP to terminate their spammers. The reason was simple: The spammers sent from a third party ISP, and the MAPS listing did nothing to stop people from going to that website. $BADISP had no incentive to terminate their spammer’s accounts, the spammers would continue to spam, and the situation, sadly was not resolved.

3. One major spammer sued MAPS due to their listing (which was perfectly valid). They kept the financial pressure on MAPS until they folded and said “ok, this particular spammer can be removed from the blacklist”. MAPS was a good idea that failed.

4. The result was SPEWS. You cannot negotiate with SPEWS. You cannot submit nominations to SPEWS. You cannot beg to get out of SPEWS. SPEWS simply says “$BADISP is hosting spammers.” It starts with just the IP space of the spammer, and over a period of time, puts more and more financial pressure on $BADISP by listing more and more of their IP space until $BADISP gains clue, i.e., keep the spammer and lose legitimate customers (bleed money right and left), or lose the spammer and keep the legitimate customers (be profitable).

Opposition To Spam
Spamming is a violation of:
Introduction
Introduction, eh? This introduction is located midway through the document so that those who are in a hurry and need the bare essential information prior to posting are served first. Thank you for taking the time to dig a little deeper into the inner workings of the newsgroup!

Group Purpose: Nanae is where computer system administrators and other dedicated spam fighters gather to share information on responding to abusive email practices, most notably unsolicited bulk/advertising email (also known as “spam“), open relays, and address obfuscation. You will also find an occasional running battle with a spam supporter who decides to vent in the group.

Assistance: Requests for help and advice are welcome and will generally receive a fairly prompt and detailed response.

Spam Tracking: It is vitally important that you include complete headers for a spam email (the spam message itself is irrelevant and should be deleted from your posting) if you desire help tracking the source. Be sure to mention what you’ve tried in your effort to analyze the headers, or what is causing the problem in your analysis when you post your message. It is okay — encouraged, really — for you to delete or munge URLs and email addresses of yourself and innocent third-parties so they are not harvested by the spammers. From the munging FAQ, maintained by W.D. Basely:

The Munging FAQ is intended to be a concise discourse on “spam-blocking”. Otherwise known as “munging”, or breaking one’s email address, this is usually done when posting to Usenet, for the purposes of avoiding junk email. It is very important to “mung” in ways that minimize possible damage to third parties.

Full Headers: Instructions for getting full headers from various popular email programs are available from many sources, including:

Culture
Culture: Over the years, a friendly camaraderie has formed among the frequent posters, and the group as a whole has formed its own unique way of doing things. You’ll find wildly off-topic [OT] subjects tend to form frequently within threads among those who know each other, just as you’d see at any gathering of like-minded individuals. Some of the unique concepts in the group include:

  • Terminology: It is vitally important to read the terminology FAQ to keep up with abbreviations such as TANSTAAFL (There Ain’t No Such-a Thing As A Free Lunch) and cockeyed concepts such as “Frea Speach”, “Ethikul Bidniz”, “Chickenboning” (including oblique references to Colonel Harland Sanders), and “Mainsleeze”.
  • Coffee and Cats [C&C]: A subject-line marker to indicate that the posting contains humor that might cause the viewer distress if they are drinking coffee (which might be spewed onto the monitor during a helpless spasm of laughter) or if they are tending to a lap cat (who might inflict significant scratches and injury to avoid a fall during paroxyms of laughter). Posts not containing the [C&C] notation that DO contain humor generally result in faux billings for new keyboards as well as for feline psychological therapy.
  • Popcorn: An indication that a huge brouhaha is under way or that an amazingly clueless message has appeared which will engulf most of the nanae participants, cause multiple-hundreds of follow-up replies, and generate a bit more heat than light. Frequently seen after a cartooney threat has been posted, but may appear when any remarkable posting appears.. Imagine yourself in a theater watching an action/adventure movie, or at a sporting event in the stadium as the snack hawkers wander by. N.B.: “See The Show” by Emerson, Lake, and Palmer makes for great background music while following a popcorn thread.
  • Rules of Spam: Over time, various characteristics of spam and spammers have been identified and codified. Patricia Shaffer is the official rule keeper and Mart van de Wege keeps the current list online for easy reference. Knowledge of these six carefully-crafted rules of spammer behavior will help when reading postings that refer to “Rule 3” or “Rule 1” without further explanation.
    http://drebbelstraat20.dyndns.org/~mvdwege/misc/spamrules.html
  • The Anti Defamation League: No matter what item (animal, vegetable, or mineral) you use for comparison with a spammer, the appropriate anti-defamation league — which may or may not be an actual organization — will appear and demand a retraction and apology. Originally promulgated by Gym Quirk, also famous for the Quirk Objection (“answer assumes faculty not in evidence”), this technique has spread throughout the channel. An example of the discussion:
    • Ed Clarke writes:
      “Persecuting that misbegotten cross of a half breed slime mold and a dung beetle is a benefit to all humanity.”
    • Robi writes:
      “The slime mold and dung beetle anti-defamation league will get in touch with you shortly.”
Characters
Characters: As with most newsgroups, nanae has it’s share of kooks, weirdos, and charlatans. Their postings are usually answered with “Do Not Feed The Troll” followups, sometimes including some very clever ASCII art (best viewed using a monospaced font). Flamers and judgemental types abound, mostly as a form of defense against the relentless abuse they receive as a part of their daily job, and their information is just as good as others (if a bit hard to take at times).

  • Kooks: Highly opinionated people, frequently lacking a sound and factual basis for their comments, who post long rambling diatribes that only tangentially relate to the topic at hand. KOOKS may be an abbreviation for the Keepers Of Odd Knowledge Society, but there has been no confirmation of this assertion.
    http://tuxedo.org/~esr/jargon/html/entry/kook.html
  • Trolls: Verbal bomb throwers who post topics and information known to upset others in the group just to get a discussion going, usually generating more heat than light. Most Trolls (short for “trolling for followups”) ignore helpful responses.
    http://tuxedo.org/~esr/jargon/html/entry/troll.html
  • OS Warriors: On occasion, there will be a remark about the “best operating system” which immediately causes all participants in the group to take potshots at each other, other operating systems, and a variety of unrelated subjects.
  • Flamers: Within the newgroup setting, flamers are an important part of the overall response to spammers, because they persist in their efforts when others back off. It’s sad but true that some die-hard spammers only respond appropriately when defeated by a superior force. If you find yourself the target of a flamer, nomex clothing is recommended.
  • Others: You will also find some friendly and helpful folk that are happy to assist you in your efforts to deal with the spam problem.

Welcome to news.admin.net-abuse.email!

Other FAQs
Reading the News.Admin.Net-Abuse.Email newsgroup.

RFC 1855: Netiquette for email and Usenet

POINTER: ALL THESE NET-ABUSE GROUPS! WHICH ONE SHOULD I USE?

Email Abuse FAQ

Address Munging FAQ

news.admin.net-abuse.email FAQs:

The Evils of Spam
Spamfighting Overview
Terminology
Newsgroup Charter
Designated Mirrors
Pick a site nearby for best performance.

AMRAY.NET Manitoba Canada
Chebucto Nova Scotia Canada
Sitetamer.com Georgia USA
81832.com Illinois USA
Johny5.com Indiana USA
The Foxhole.org Michigan USA
Techhouse.org Rhode Island USA
Contributors
Thanks to the following, who carefully read the original drafts(s), giggled themselves silly at all the errors, and were somehow able to offer constructive criticism with a straight face:

  • Andrew T. Young
  • Angel
  • Anri Erinin
  • Bart Ashe
  • BEI Designs
  • DarkFiber
  • Duncan Hill
  • Hawkeye-X
  • Jacob Jay
  • James Farmer
  • Jeff C.
  • John Elsbury
  • John F. Hall
  • Karl A. Krueger
  • Larry M. Smith
  • Laurence F. Sheldon
  • Norman L. DeForest
  • Patricia A. Shaffer
  • Paul Vader
  • Robert Myers
  • Spamjamr
  • Taki Kagoma
  • Uh Clem, Mr.
  • User Ron
  • Warwick
  • Will Yardley
  • William James
Revision History
12 December, 2002: Added “Qualifying A New ISP”, thanks to John Elsbury

9 October, 2002: Added Blocklist History section, thanks to Frederick

22 September, 2002: Updated SPEWS information to Mini-FAQ status

28 August, 2002: Rearranged sections so those in a hurry get the good stuff first.

20 August, 2002: Added Executive Summary, divided FAQ into three parts, added Popcorn to Culture

8 August, 2002: Rough draft posted for suggestions.

FAQ maintained by: George Crissman, strads@excite.com

Contents Copyright © 1998, 1999, 2000, 2001, 2002 by George Crissman. All rights reserved worldwide