Apple has reportedly begun the filtering of outbound messages sent via its MobileMe service. The fruity one has applied inbound filtering to inbound emails as a precaution against spam since last year. Last month, however, it began filtering messages that users sent using the service – for questionable reasons. The upshot is …
Could just be a glitch
But it demonstrates nicely the problems of dealing with a company who will only let you do what they think is best for you. As long as you do things the Apple way all is sweetness and roses but try to deviate from it and risk the wrath of the all powerful Jobs.
I would like to think its a glitch but given that they have a track record of this kind of thing (rejecting political apps from the store that they disapprove of for example) and the fact that they are filtering your outgoing mail in the first place with no good reason to (can't think of a good reason to be filtering your outgoing mail at all) should make people sit up and take notice.
I'd subscribe to it being a cock up too. Why would Apple care about some emails people send about Frankfurt & Brussels.
Write different, no big deal.
I think you need to reinitialise your humour routines.... That was actually quite witty.
You do realise DrXym's post was a joke, right? You know, based on Job's habit of short, shirty emails to disgruntled customers pissed off about whatever his latest crackdown is...
They've got an algorithm for that.. no big deal.
And once they detect you sending a few messages discovering the boundaries of the system they will mark you for manual approval (actively moderated outgoing email) and writign differently will just mark you as a subversive.
Or then again it might just be a simple pattern match; or a cockup; or a false-flag story.
...why should I write differently. Let me say what I want to say dag nabit!
AC - in case Jobs tried to filter this...
"routed" (subhead), "censor", "practised" (but only if you're British)
> "routed" (subhead), "censor", "practised" (but only if you're British)
It was the only way to avoid Apple's web sensoring technology.
Wouldn't this fall foul of the First Amendment? Surely they can't censor it for that reason alone?
Not as such.
The first amendment describes acts that the state absolutely cannot contravene. The constitution is a guarantee of fundamental rights that the state shall not abridge, it has no bearing on the acts of private individuals with each other, as long as both parties understand the agreement they are making.
If anything it would fall under breach of contract and passing off. Apple claims to provide a service. If they are deliberately hamstringing that service for political or social ends then they could be open to legal action.
What Graham said.
Free speech laws protect you against the state abusing its power, they don't grant you a right to say whatever you want, whenever you want. You're fully capable, for example, of barring access to your house for saying something you don't like.
Otherwise stuff like forum moderation would be impossible to conduct in democratic countries. I should now, in the site I've founded the trolls sometimes pull that BS argument out of their arses. Once we were even threatened by legal action over it by one poster, specifically for censoring references to a competitors website using very shitty and underhanded tactics*. The person in question was quickly put in place by stating that a) the free speech laws don't apply to private venues and b) the way he constructed his post could be used as a basis for a blackmail case :).
* how shitty and underhanded? For example, the poster in question was a newly registered user, introducing himself as such, later revealed to be one of said competitor site's co-founder.
But...but...but..This is America!®
"The constitution is a guarantee of fundamental rights that the state shall not abridge, [...].
But in America®, the Corporation **is** the State!
Yea right "in error"
If you really think this can happen in error then your kidding yourself.
Ohh I accidentally happened to write this thing to check emails and apply it to the outgoing mail. All by accident I promise.
Well it could be a haywire spam filter
I expect if you were to look at GMail or Hotmail that they have filters on outgoing mail, probably looking for patterns of behaviour / keywords which indicate a spammer / botnet was at work. So perhaps MobileMe is just being overzealous. Then again, perhaps it is actively filtering. People have the right to be annoyed if its triggering on innocuous content.
Reveals their true workings
I think it's a technical screw-up too. They do have a political filter on outgoing emails; but they just set the sensitivity too high. As a result, the army of secret service email-screeners was over-loaded with work.
Occam's Razor would suggest that they have a malfunctioning out-going spam filter, to protect people whose accounts have been hacked.
Rotten to the core.
In Soviet America, Apple thinks for you!
Yes Soviet style censorship is bad
But then this article being posted by The Register is extremely hypocritical. You see a while ago, the Register ran an article titled "Apple: iTunes ascends to the heavens this Spring" it was run at the time it was announced Steve Jobs serious health condition had caused him to move away from the front line. It was run with the picture of Steve Jobs, The Register always use, the one with the X through it. In other words, given the way The Reg always look for an angle and double meaning on their titles, the title was a bit sick. So I wrote a comment to that effect:
"Register, seeing as you are always looking for a twist and double meaning on every Title of every article, isn't the title of this one, well, a bit sick. I suppose you're going to say using the title along with a picture of Steve Jobs has unintended meaning. I'm all for edgy controversy - but there is overstepping the line - even for a deliberately controversial online news site."
The Register saw fit to ban the comment even though it was in no way profane or insulting. I notice there were very few comments against that article and the article was quickly demoted from the front page, so drew my own conclusion that there were many such banned comments pointing out the same thing. Statistically far fewer comments than there had been for any equivalent post. So Register, I'm calling you out on this due to rank hypocrisy. This is the Internet, ban this comment again, if you like. Though do consider I have some degree of reach and regularly contribute posts to an influential blog and I will also call you out on it on Twitter. If you have any intellectual credibility you will let this comment stand (doing so will be an admission of your previous attempt at censorship was misguided and hypocritical).
Let's see what stuff the Register is made of and if you can bear the same criticism you regularly put on others.
Re: Yes Soviet style censorship is bad
First - rejecting comments do not equal censorship. You are free to make those comments elsewhere - on your twitter blog for example.
Second, there is no picture in this article, so I am guessing that this is one of the "teaser" pics we use. It may have been in bad taste - although I disagree with you here - but it certainly was in unwitting bad taste.
Third, the article was not demoted quickly. Our articles fall down the page as new ones are published. Sometimes they are on the front page for less than a day.
Disagree away. That's kinda the point of comments. I don't think anyone expects everyone to agree. But that makes it all the more interesting the Register feels the need reject a comment that wasn't profane or insulting and now feels the need to redefine the meaning of censorship. What other possible explanation is there for rejecting the comment, that doesn't match the very definition of a censorious act ?
Don't the Register forum guidelines
make it quite clear that the Register reserve the right to take down any and all comments at their discretion? Fine for a comments forum, but not something I'd like to see applied by my email provider.
If you choose to live in a walled garden.....
I guess you have to accept that the Gardener is in control of what plant food you get, and if you get pruned. Glad I grow on common land.
They're trying not to originate spam or viruses, it looks like. Sending mail from a me.com account it hits their Oracle SMTP server (Oracle Communications Messaging Exchange Server 7u4-20.0) and gets headers added by a ProofPoint MLX appliance. In the thread on that link, messages that didn't get through had high spam scores.
So, yes, good for trying not to originate spam, bad for not telling users or giving them any way to know that's why their mail was blocked and bad for generally saying nothing about it. My header was:
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0
ipscore=0 suspectscore=0 phishscore=0 bulkscore=0 adultscore=0 classifier=spam
adjust=0 reason=mlx engine=6.0.2-1012030000 definitions=main-1106280211
So it looks like a ProofPoint MLX, plugged into F-Secure for AV, and doing its own antispam. The guy had a reject message with "spamscore=11".
It's doing it silently that sucks.
But what determines the spamscore value? That's how censorship would be excused - "Oh, your mail "looked" like spam to us,sorry"
Also "Doing it silently" == "Doing it secretly"
The Proofpoint box
Google Proofpoint MLX. The header gives the version of its definitions file.
Outbound spam filtering
Don't most SMTP relays (which is effectively what this is) have spam filtering? Given that many providers are quick to blacklist SMTP relays that produce high levels of spam (Hotmail seem pretty quick to jump the gun and previously blacklisted my ISPs SMTP fairly regularly until they applied spam control), I'm not surprised they do this. As you suggest though, not giving a failure message is a bit iffy.
Re: Looks like...
Makes sense and I have actaully suggested a couple of times that webmail services do this to prevent them being low-hanging fruit for spammers.
I did qualify that with that they should set the thing to only block the obvious shit and also provide an "Outbound Spam" folder for manual flagging as not spam, so it can learn the difference and the user can see WTF is going on. Both of these rather important pieces of the process Apple would appear to have overlooked.
I suspect that the reason the examples got dropped is the vast number of phishing/scam mails knocking around purporting to be hawt newz about the ongoing train wreck in the Eurozone, so anything with "Greece" and "Brussels" in it gets the heuristic banhammer.
For instance, I favour Governor Cialis for President in 2012.
He's a fine upstanding man.
The modestly notable Chinese town http://en.wikipedia.org/wiki/Karasahr apparently used to be known as Cialis. Its actual modern name is Yanqi Town, and the Yanqi Mosque apparently is notable as well, although not notable enough to have its own Wikipedia page.
Re: Looks like
> So it looks like a ProofPoint MLX, plugged into F-Secure for AV, and doing its own antispam. The guy had a reject message with "spamscore=11".
Well, how do you even get to that high a spam score?
I just send myself the following mail to check SpamAssasin:
"Watch new videos, showing Osama bin Laden under the influence of viagra commiting terroristic acts with Lady Gaga.
Watch the video and win millions of $$$$ by replying to whatthefuck@some-impossible-mail-adresZsss.biz !"
It was marked as _possible_ spam for the following reason (and still delivered, mind you):
" pts rule name description
2.2 DRUGS_ERECTILE Refers to an erectile drug"
You sent a single mail. Send it 1,000 more times and get concerned if it is still getting through then.
...the BCC: didn't help the spam score.
You don't build the infrastructure to do this by accident
As Ragarth says, you don't add the ability to censor messages based on content "by accident". It costs money, takes time away from other things, and is only worth the hassle if you see a need for it.
Maybe the feature was only for use in some unnamed market, but it unintentionally got turned on globally. That I can believe
This infrastructure was not built by accident, it's meant to control spam.
I would guess
That apple is looking to the Chinese Market for its all new iCloud services and needs to bend over and take it from the regime hence the requirement to scan outbound email at a full content level and block accordingly to be able to enter that market.
Same would likely soon apply in India as well and I doubt the NSA/CIA/MI6 et al would turn up there noses at the chance of some deeper monitoring of the people.
They arent the first to do it and they wont be the last.
Use a different email address
I try to make it a rule of thumb not to use proprietary channels on proprietary devices e.g. a MobileMe @me.com account on iPhone. If you use a MobileMe account then of course you are open to whatever predilictions Mr Jobs et al. decide to implement.
Stick with your own ISP email account & have an assortment of SMTP servers to hand.
Yes, I have a MobileMe account but would only ever dream of using it to blitz my iPhone if it got nicked.
But you never dictacte policy on those
Many ISPs have outsourced their e-mail somewhere else, who also scan and flag e-mails like this. They would be crazy not too since they would spread viruses like wildfire otherwise.
So it's really always out of your hands and strangled by predilitions of others unless you run your own e-mail server.
Someone clicked the wrong email server option at Apple
You know the super secret option that the Govt. (read shady corporate overlords) states they all have to have that instantly filters and censors content in times of major civil unrest/martial law/state of emergency etc.
You know I'm right.
If you trigger your outgoing spam filter...
...shouldn't it at least warn you?
Yes it should !
IMO there is absolutely zero excuse for blocking outbound mail silently - and anyone setting up a system that does this should not be allowed in charge of the tea trolley let alone an email server. The same applies (with some caveats) to inbound mail as well.
The problem is clueless ****wits who accept mail first and then try to decide what to do with it. It's a recipe for this sort of problem yet most large providers do it. Once you've accepted a mail for processing then you've immediately dug yourself into a hole with no satisfactory way out. If it turns out to fail your checks, what are you going to do about it now ? If you silently delete it then you are part of the problem. If you bounce it then you're part of the problem. In short - you are part of the problem.
If you check the message before you accept it then you can be not part of the problem. Take a look at it, if you aren't going to deliver it, then don't accept it. If it's direct from a client then the client will get a sending error and know there's a problem. If it's from another server then it's their problem (they can either tell the user, silently delete it, or bounce it - they are part of the problem, not you). But it means you are not part of the problem - you'll either deliver the message or whoever is trying to hand it to you will know that you won't.
The downside is that you need resources to scan mail as you receive it. Upside is that you can avoid being part fo the problem. Why do so many big outfits put so much effort into making the problem of spam so much worse ?
Digestives or Rich Tea?
Actually, being in charge of tea trolley would be ideal for these people. If you give them a request for tea and a plate of biscuits, and they don't arrive because they've 'filtered' the request, then you'd know about it. They can't secretly not give you your tea.
Otherwise you're spot on.
Because most of our users anyway prefer to have mail simply marked as spam and delivered to them, that why. I'd love to simply reject at smtp time, and we've tried it, but we then got an upsurge in 'I haven't had any mail today the system must be broken"
I conclude that the majority of at least our users *like* receiving spam, it seems to be the only explanation that fits know facts.
FaceBook censors info too and 500 million people still use it!
Think this is a simple isolated incident of spying and control? You only have to walk down the street to see the number of CCTV cameras here in the UK, Big Brother arrived years ago, there was no revolution it was very quiet and insidious. While we all had our backs turned ooing and ahhhing at the shiny tech, those in charge took the tech and turned it on us. As online communication has become the primary method of inter-person communication, it snuck in there yonks ago.
You lot having a pop at the whispy bearded messiah, you don't think your ISP or any other routes your communiques take, gets scanned and passed on or denied? I suspect there are quite a lot of gateways picking up and having a good old nose through your deliverables, you just don't know it as they're not stupid enough to stop it like old Jobs is.
Now stop worrying and go back to sleep plebs, stop thinking for yourselves you don't have the mental capacity, your leaders are in charge and they know what's good for you!
Facebook is not poractive in it's filtering, and only responds to large pressure groups. While this is far from ideal, a company filtering non-controversial content based on it's own views is much more Big Brother to me
...Mobile.me is being retired (or retyred...). Could this simply be a symptom of it being shut down?
I've just sent an e-mail with that phrase within
and it worked fine from MobileMe. Whatever reason it was, it seems to have cleared up. I've seen this happen with just about any e-mail provider who scans their e-mails for spam and viruses. Think they are called "false positives"?
X-Proofpoint-Spam-Details: rule=notspam policy=default score=3 spamscore=3
ipscore=0 suspectscore=0 phishscore=0 bulkscore=0 adultscore=0 classifier=spam
adjust=0 reason=mlx engine=6.0.2-1012030000 definitions=main-1107060058
I've dealt with scary stuff where my designs are responsible for saving many lives, counselled people at risk and this scares me.
- Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
- Batten down the hatches, Ubuntu 14.04 LTS due in TWO DAYS
- Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
- Feast your PUNY eyes on highest resolution phone display EVER
- AMD demos 'Berlin' Opteron, world's first heterogeneous system architecture server chip