back to article Apple users complain over MobileMe 'censorware'

Apple has reportedly begun the filtering of outbound messages sent via its MobileMe service. The fruity one has applied inbound filtering to inbound emails as a precaution against spam since last year. Last month, however, it began filtering messages that users sent using the service – for questionable reasons. The upshot is …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Big Brother

    Could just be a glitch

    But it demonstrates nicely the problems of dealing with a company who will only let you do what they think is best for you. As long as you do things the Apple way all is sweetness and roses but try to deviate from it and risk the wrath of the all powerful Jobs.

    I would like to think its a glitch but given that they have a track record of this kind of thing (rejecting political apps from the store that they disapprove of for example) and the fact that they are filtering your outgoing mail in the first place with no good reason to (can't think of a good reason to be filtering your outgoing mail at all) should make people sit up and take notice.

  2. Richard 31
    Paris Hilton

    First Amendment?

    Wouldn't this fall foul of the First Amendment? Surely they can't censor it for that reason alone?

    1. Graham Dawson Silver badge

      Not as such.

      The first amendment describes acts that the state absolutely cannot contravene. The constitution is a guarantee of fundamental rights that the state shall not abridge, it has no bearing on the acts of private individuals with each other, as long as both parties understand the agreement they are making.

      If anything it would fall under breach of contract and passing off. Apple claims to provide a service. If they are deliberately hamstringing that service for political or social ends then they could be open to legal action.

      1. Someone Else Silver badge
        Holmes

        But...but...but..This is America!®

        "The constitution is a guarantee of fundamental rights that the state shall not abridge, [...].

        But in America®, the Corporation **is** the State!

    2. Anonymous Coward
      Boffin

      What Graham said.

      Free speech laws protect you against the state abusing its power, they don't grant you a right to say whatever you want, whenever you want. You're fully capable, for example, of barring access to your house for saying something you don't like.

      Otherwise stuff like forum moderation would be impossible to conduct in democratic countries. I should now, in the site I've founded the trolls sometimes pull that BS argument out of their arses. Once we were even threatened by legal action over it by one poster, specifically for censoring references to a competitors website using very shitty and underhanded tactics*. The person in question was quickly put in place by stating that a) the free speech laws don't apply to private venues and b) the way he constructed his post could be used as a basis for a blackmail case :).

      * how shitty and underhanded? For example, the poster in question was a newly registered user, introducing himself as such, later revealed to be one of said competitor site's co-founder.

  3. Kristian Walsh Silver badge
    Headmaster

    Sp?

    "routed" (subhead), "censor", "practised" (but only if you're British)

    1. Syren Baran
      Joke

      Re: Sp?

      > "routed" (subhead), "censor", "practised" (but only if you're British)

      Thats deliberate.

      It was the only way to avoid Apple's web sensoring technology.

  4. DrXym

    Simple answer

    Write different, no big deal.

    1. This post has been deleted by its author

      1. This post has been deleted by its author

      2. Chad H.

        @ Ac

        I think you need to reinitialise your humour routines.... That was actually quite witty.

      3. Jeremy 2
        FAIL

        Double Fail

        You do realise DrXym's post was a joke, right? You know, based on Job's habit of short, shirty emails to disgruntled customers pissed off about whatever his latest crackdown is...

    2. Owen Carter
      Holmes

      That depends.

      They've got an algorithm for that.. no big deal.

      And once they detect you sending a few messages discovering the boundaries of the system they will mark you for manual approval (actively moderated outgoing email) and writign differently will just mark you as a subversive.

      Maybe..

      Or then again it might just be a simple pattern match; or a cockup; or a false-flag story.

      Who knows..

    3. Anonymous Coward
      Anonymous Coward

      No!...

      ...why should I write differently. Let me say what I want to say dag nabit!

      AC - in case Jobs tried to filter this...

  5. Dave 142

    .... up

    I'd subscribe to it being a cock up too. Why would Apple care about some emails people send about Frankfurt & Brussels.

  6. Ragarath
    Facepalm

    Yea right "in error"

    If you really think this can happen in error then your kidding yourself.

    Ohh I accidentally happened to write this thing to check emails and apply it to the outgoing mail. All by accident I promise.

    1. DrXym

      Well it could be a haywire spam filter

      I expect if you were to look at GMail or Hotmail that they have filters on outgoing mail, probably looking for patterns of behaviour / keywords which indicate a spammer / botnet was at work. So perhaps MobileMe is just being overzealous. Then again, perhaps it is actively filtering. People have the right to be annoyed if its triggering on innocuous content.

  7. Anonymous Coward
    Big Brother

    Rotten to the core.

    In Soviet America, Apple thinks for you!

    1. SuccessCase
      Megaphone

      Yes Soviet style censorship is bad

      But then this article being posted by The Register is extremely hypocritical. You see a while ago, the Register ran an article titled "Apple: iTunes ascends to the heavens this Spring" it was run at the time it was announced Steve Jobs serious health condition had caused him to move away from the front line. It was run with the picture of Steve Jobs, The Register always use, the one with the X through it. In other words, given the way The Reg always look for an angle and double meaning on their titles, the title was a bit sick. So I wrote a comment to that effect:

      "Register, seeing as you are always looking for a twist and double meaning on every Title of every article, isn't the title of this one, well, a bit sick. I suppose you're going to say using the title along with a picture of Steve Jobs has unintended meaning. I'm all for edgy controversy - but there is overstepping the line - even for a deliberately controversial online news site."

      The Register saw fit to ban the comment even though it was in no way profane or insulting. I notice there were very few comments against that article and the article was quickly demoted from the front page, so drew my own conclusion that there were many such banned comments pointing out the same thing. Statistically far fewer comments than there had been for any equivalent post. So Register, I'm calling you out on this due to rank hypocrisy. This is the Internet, ban this comment again, if you like. Though do consider I have some degree of reach and regularly contribute posts to an influential blog and I will also call you out on it on Twitter. If you have any intellectual credibility you will let this comment stand (doing so will be an admission of your previous attempt at censorship was misguided and hypocritical).

      Let's see what stuff the Register is made of and if you can bear the same criticism you regularly put on others.

      1. Anonymous Coward
        Anonymous Coward

        Re: Yes Soviet style censorship is bad

        First - rejecting comments do not equal censorship. You are free to make those comments elsewhere - on your twitter blog for example.

        Second, there is no picture in this article, so I am guessing that this is one of the "teaser" pics we use. It may have been in bad taste - although I disagree with you here - but it certainly was in unwitting bad taste.

        Third, the article was not demoted quickly. Our articles fall down the page as new ones are published. Sometimes they are on the front page for less than a day.

        1. SuccessCase
          Megaphone

          Great !

          Disagree away. That's kinda the point of comments. I don't think anyone expects everyone to agree. But that makes it all the more interesting the Register feels the need reject a comment that wasn't profane or insulting and now feels the need to redefine the meaning of censorship. What other possible explanation is there for rejecting the comment, that doesn't match the very definition of a censorious act ?

          1. Lamont Cranston

            Don't the Register forum guidelines

            make it quite clear that the Register reserve the right to take down any and all comments at their discretion? Fine for a comments forum, but not something I'd like to see applied by my email provider.

  8. CarlC
    Meh

    If you choose to live in a walled garden.....

    I guess you have to accept that the Gardener is in control of what plant food you get, and if you get pruned. Glad I grow on common land.

  9. Buzzword

    Reveals their true workings

    I think it's a technical screw-up too. They do have a political filter on outgoing emails; but they just set the sensitivity too high. As a result, the army of secret service email-screeners was over-loaded with work.

    Occam's Razor would suggest that they have a malfunctioning out-going spam filter, to protect people whose accounts have been hacked.

  10. Anonymous Coward
    Holmes

    Looks like...

    They're trying not to originate spam or viruses, it looks like. Sending mail from a me.com account it hits their Oracle SMTP server (Oracle Communications Messaging Exchange Server 7u4-20.0) and gets headers added by a ProofPoint MLX appliance. In the thread on that link, messages that didn't get through had high spam scores.

    So, yes, good for trying not to originate spam, bad for not telling users or giving them any way to know that's why their mail was blocked and bad for generally saying nothing about it. My header was:

    X-Proofpoint-Virus-Version: vendor=fsecure

    engine=2.50.10432:5.4.6813,1.0.211,0.0.0000

    definitions=2011-06-28_07:2011-06-28,2011-06-28,1970-01-01 signatures=0

    X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0

    ipscore=0 suspectscore=0 phishscore=0 bulkscore=0 adultscore=0 classifier=spam

    adjust=0 reason=mlx engine=6.0.2-1012030000 definitions=main-1106280211

    So it looks like a ProofPoint MLX, plugged into F-Secure for AV, and doing its own antispam. The guy had a reject message with "spamscore=11".

    It's doing it silently that sucks.

    1. kissingthecarpet
      Big Brother

      Fair Enough

      But what determines the spamscore value? That's how censorship would be excused - "Oh, your mail "looked" like spam to us,sorry"

      Also "Doing it silently" == "Doing it secretly"

      1. Anonymous Coward
        Holmes

        The Proofpoint box

        Google Proofpoint MLX. The header gives the version of its definitions file.

      2. Robert Carnegie Silver badge

        For instance, I favour Governor Cialis for President in 2012.

        He's a fine upstanding man.

        The modestly notable Chinese town http://en.wikipedia.org/wiki/Karasahr apparently used to be known as Cialis. Its actual modern name is Yanqi Town, and the Yanqi Mosque apparently is notable as well, although not notable enough to have its own Wikipedia page.

    2. Annihilator
      Boffin

      Outbound spam filtering

      Don't most SMTP relays (which is effectively what this is) have spam filtering? Given that many providers are quick to blacklist SMTP relays that produce high levels of spam (Hotmail seem pretty quick to jump the gun and previously blacklisted my ISPs SMTP fairly regularly until they applied spam control), I'm not surprised they do this. As you suggest though, not giving a failure message is a bit iffy.

    3. TeeCee Gold badge

      Re: Looks like...

      Makes sense and I have actaully suggested a couple of times that webmail services do this to prevent them being low-hanging fruit for spammers.

      I did qualify that with that they should set the thing to only block the obvious shit and also provide an "Outbound Spam" folder for manual flagging as not spam, so it can learn the difference and the user can see WTF is going on. Both of these rather important pieces of the process Apple would appear to have overlooked.

      I suspect that the reason the examples got dropped is the vast number of phishing/scam mails knocking around purporting to be hawt newz about the ongoing train wreck in the Eurozone, so anything with "Greece" and "Brussels" in it gets the heuristic banhammer.

    4. Syren Baran
      Boffin

      Re: Looks like

      > So it looks like a ProofPoint MLX, plugged into F-Secure for AV, and doing its own antispam. The guy had a reject message with "spamscore=11".

      Well, how do you even get to that high a spam score?

      I just send myself the following mail to check SpamAssasin:

      "Watch new videos, showing Osama bin Laden under the influence of viagra commiting terroristic acts with Lady Gaga.

      Watch the video and win millions of $$$$ by replying to whatthefuck@some-impossible-mail-adresZsss.biz !"

      It was marked as _possible_ spam for the following reason (and still delivered, mind you):

      " pts rule name description

      2.2 DRUGS_ERECTILE Refers to an erectile drug"

      1. SuccessCase

        @Syren Baran

        You sent a single mail. Send it 1,000 more times and get concerned if it is still getting through then.

        1. Disco-Legend-Zeke
          Pint

          I Imagine...

          ...the BCC: didn't help the spam score.

  11. Anonymous Coward
    Anonymous Coward

    You don't build the infrastructure to do this by accident

    As Ragarth says, you don't add the ability to censor messages based on content "by accident". It costs money, takes time away from other things, and is only worth the hassle if you see a need for it.

    Maybe the feature was only for use in some unnamed market, but it unintentionally got turned on globally. That I can believe

    1. Anonymous Coward
      Anonymous Coward

      You're right

      This infrastructure was not built by accident, it's meant to control spam.

  12. nsld
    Big Brother

    I would guess

    That apple is looking to the Chinese Market for its all new iCloud services and needs to bend over and take it from the regime hence the requirement to scan outbound email at a full content level and block accordingly to be able to enter that market.

    Same would likely soon apply in India as well and I doubt the NSA/CIA/MI6 et al would turn up there noses at the chance of some deeper monitoring of the people.

    They arent the first to do it and they wont be the last.

  13. Iad Uroboros's Nemesis
    Holmes

    Use a different email address

    I try to make it a rule of thumb not to use proprietary channels on proprietary devices e.g. a MobileMe @me.com account on iPhone. If you use a MobileMe account then of course you are open to whatever predilictions Mr Jobs et al. decide to implement.

    Stick with your own ISP email account & have an assortment of SMTP servers to hand.

    Yes, I have a MobileMe account but would only ever dream of using it to blitz my iPhone if it got nicked.

    1. Anonymous Coward
      Anonymous Coward

      But you never dictacte policy on those

      Many ISPs have outsourced their e-mail somewhere else, who also scan and flag e-mails like this. They would be crazy not too since they would spread viruses like wildfire otherwise.

      So it's really always out of your hands and strangled by predilitions of others unless you run your own e-mail server.

  14. jason 7
    Big Brother

    Someone clicked the wrong email server option at Apple

    You know the super secret option that the Govt. (read shady corporate overlords) states they all have to have that instantly filters and censors content in times of major civil unrest/martial law/state of emergency etc.

    You know I'm right.

  15. Wize

    If you trigger your outgoing spam filter...

    ...shouldn't it at least warn you?

    1. SImon Hobson Bronze badge
      FAIL

      Yes it should !

      IMO there is absolutely zero excuse for blocking outbound mail silently - and anyone setting up a system that does this should not be allowed in charge of the tea trolley let alone an email server. The same applies (with some caveats) to inbound mail as well.

      The problem is clueless ****wits who accept mail first and then try to decide what to do with it. It's a recipe for this sort of problem yet most large providers do it. Once you've accepted a mail for processing then you've immediately dug yourself into a hole with no satisfactory way out. If it turns out to fail your checks, what are you going to do about it now ? If you silently delete it then you are part of the problem. If you bounce it then you're part of the problem. In short - you are part of the problem.

      If you check the message before you accept it then you can be not part of the problem. Take a look at it, if you aren't going to deliver it, then don't accept it. If it's direct from a client then the client will get a sending error and know there's a problem. If it's from another server then it's their problem (they can either tell the user, silently delete it, or bounce it - they are part of the problem, not you). But it means you are not part of the problem - you'll either deliver the message or whoever is trying to hand it to you will know that you won't.

      The downside is that you need resources to scan mail as you receive it. Upside is that you can avoid being part fo the problem. Why do so many big outfits put so much effort into making the problem of spam so much worse ?

      1. Gav
        Thumb Up

        Digestives or Rich Tea?

        Actually, being in charge of tea trolley would be ideal for these people. If you give them a request for tea and a plate of biscuits, and they don't arrive because they've 'filtered' the request, then you'd know about it. They can't secretly not give you your tea.

        Otherwise you're spot on.

      2. Anonymous Coward
        Thumb Down

        Why?

        Because most of our users anyway prefer to have mail simply marked as spam and delivered to them, that why. I'd love to simply reject at smtp time, and we've tried it, but we then got an upsurge in 'I haven't had any mail today the system must be broken"

        I conclude that the majority of at least our users *like* receiving spam, it seems to be the only explanation that fits know facts.

  16. Anonymous Coward
    Boffin

    Yeah well...

    FaceBook censors info too and 500 million people still use it!

    Think this is a simple isolated incident of spying and control? You only have to walk down the street to see the number of CCTV cameras here in the UK, Big Brother arrived years ago, there was no revolution it was very quiet and insidious. While we all had our backs turned ooing and ahhhing at the shiny tech, those in charge took the tech and turned it on us. As online communication has become the primary method of inter-person communication, it snuck in there yonks ago.

    You lot having a pop at the whispy bearded messiah, you don't think your ISP or any other routes your communiques take, gets scanned and passed on or denied? I suspect there are quite a lot of gateways picking up and having a good old nose through your deliverables, you just don't know it as they're not stupid enough to stop it like old Jobs is.

    Now stop worrying and go back to sleep plebs, stop thinking for yourselves you don't have the mental capacity, your leaders are in charge and they know what's good for you!

    1. bean520
      Big Brother

      but...

      Facebook is not poractive in it's filtering, and only responds to large pressure groups. While this is far from ideal, a company filtering non-controversial content based on it's own views is much more Big Brother to me

  17. Anonymous Coward
    Meh

    But...

    ...Mobile.me is being retired (or retyred...). Could this simply be a symptom of it being shut down?

  18. Anonymous Coward
    Anonymous Coward

    I've just sent an e-mail with that phrase within

    and it worked fine from MobileMe. Whatever reason it was, it seems to have cleared up. I've seen this happen with just about any e-mail provider who scans their e-mails for spam and viruses. Think they are called "false positives"?

    X-Proofpoint-Virus-Version: vendor=fsecure

    engine=2.50.10432:5.4.6813,1.0.211,0.0.0000

    definitions=2011-07-06_04:2011-07-06,2011-07-06,1970-01-01 signatures=0

    X-Proofpoint-Spam-Details: rule=notspam policy=default score=3 spamscore=3

    ipscore=0 suspectscore=0 phishscore=0 bulkscore=0 adultscore=0 classifier=spam

    adjust=0 reason=mlx engine=6.0.2-1012030000 definitions=main-1107060058

  19. Trollslayer
    FAIL

    OCP?

    I've dealt with scary stuff where my designs are responsible for saving many lives, counselled people at risk and this scares me.

  20. PacketPusher

    Exception

    There was a case here in California where a person was ejected from mall for violating the malls speech code. A court ruled that that code was unconstitutional as it violates the customers right of free speech. I am guessing that the reason they cannot bar speech is that while the mall is privately owned, It is open to the public.

  21. Lincoln

    Spam false positive

    Of course Apple is scanning (and scrubbing) outbound content for spamminess, imagine the trouble which they'd be in otherwise! Spam false positives are quite rare -- apparently this is the first time somebody's noticed?

  22. Anonymous Coward
    Anonymous Coward

    Much as I dislike Apple...

    ...this screams cockup not conspiracy. Until recently I was responsible for a webmail service myself and we had a similar issue with a Zimbra/Cloudmark implementation (we weren't trying to auto block outbound messages either, but a monitoring tool did...stuff). I'd normally never give Apple the benefit of the doubt, but shit happens.

  23. Anonymous Coward
    Anonymous Coward

    Can't believe I'm not slagging Apple...

    Well maybe just a bit.

    I note that Gmail imposes daily outbound mail quota limit, exceed that and you get a warning. Maybe Apple is doing the same but without the warning?

    If mail copied to self doesn't reach me it may be the inbound filter operating - but I'd expect a good email system to place it in a spam folder rather than quietly delete. Budget inbound spam filtering commonly flags too many as false positives - result: happy users "I never get spam through AOL" ... "no I didn't get your email, there must be something wrong at your end..."

    If outbound filtering is in place - maybe for legitimate prevention of abuse of account for sending "obvious" junk mail - then there are two scenarios:

    1) The sender is a spammer - indicated by large amounts of garbage, in which case kill the account completely.

    2) The sender's machine has a trojan and is being used to relay spam, probably in relatively small volume to keep under the radar. In that case silent blocking is a poor decision. An "possible outbound spam" notification to the sender account would alert them to check for trojans.

  24. D. M
    Big Brother

    You only meant to send Apple approved emails

    On serious size, how many hints brain dead iSheep need before they wake up? Until the day they all got round up by Apple's enforcement team, beaten up and all forced to work as Jobs' slave?

This topic is closed for new posts.

Other stories you might like