Best f**king censorship ever
-
A friend of mine recently started a new job, and we were having a conversation via email. Unexpectedly, she tells me that my latest email has been blocked by their automated filtering system- instead of receiving my email, she was sent this:
Please reply with history to uspostmaster@XXXXX.com if you would
like this message released.
MailMarshal (an automated content monitoring gateway) has
stopped the following email for the following reason:
It believes it may contain unacceptable language, or inappropriate material.
Message: B47d568a10002.000000000001.0002.mml
From: XXXXX
To: XXXXX
Subject: Re: XXXXX
MailMarshal Rule: Content Security (Inbound) : Block Unacceptable Language
Script Offensive Language (Basic) Triggered in Body
Expression: fuck* Triggered 2 times weighting 10
Expression: shit Triggered 2 times weighting 6
Script Offensive Language (Extensive) Triggered in Body
Expression: bugger* Triggered 1 times weighting 35
Expression: fuck* Triggered 1 times weighting 60
Please remove any inappropriate language and send it again.
If you do not recognize the address listed in the From: field
above or the Subject: line does not relate to an expected email,
then the blocked message is probably spam and no further action
is required on your part.
Additionally, addresses listed above could possibly be spoofed.
Please see the following for more information on email spoofing:The CERT Division | Software Engineering Institute
The CERT Division is a leader in cybersecurity, partnering with government, industry, and law enforcement to improve the security and resilience of systems and networks.
The blocked email will be automatically deleted after 5 days.
Email Content Security provided by NetIQ MailMarshal.
-
I love how 'bugger' makes 'fuck*' worth 60 instead of worth 5.
-
So if I were having a conversation with a friend about the aliens in Ender's Game (referred to as "buggers" iirc) then this filter would block it. That's nice of them.
-
Censorship in general is TRWTF
I wouldn't put things like that into an email that went to a person's company email, though. That's a WTF as well.
-
Gotta love Maillmarshall. We use it here, and I've heard this type of complaint several times.
"What's the point of blocking the email if you're going to tell me all the bad words you didn't want me to see in the first place?"
-
@taylonr said:
"What's the point of blocking the email if you're going to tell me all the bad words you didn't want me to see in the first place?"
Would you rather "I just blocked your email containing two inline essays because it contained a bad word, also I sure as hell aren't going to tell you why, so it's up to you to use an encyclopedic knowledge of every swear-word in out filter list."
-
Let's just hope that the purveyors of this foul language don't learn from the spammers and re-send the message as "fucI< this fucI<ing sh1t, you buqqers!!!". Won't somebody think of the children!!!
frankly anyone who is 'delicate' enough whimper and cry under their desk when they see a 'naughty' word doesn't need draconian protection that affects more normally adjusted people too, they need to be laughed at. Loudly, in public.
-
@Lingerance said:
@taylonr said:
"What's the point of blocking the email if you're going to tell me all the bad words you didn't want me to see in the first place?"
Would you rather "I just blocked your email containing two inline essays because it contained a bad word, also I sure as hell aren't going to tell you why, so it's up to you to use an encyclopedic knowledge of every swear-word in out filter list."Personally, I think it would make most sense to tell the SENDER of the email, NOT the recipient, which words were blocked. The current system is just stupid...
Hey there! I've stopped you reading a message because it contains the word "fuck", and no-one should ever have to see the word "fuck".
It's like the police stopping you in the street, beating you up and taking your wallet to show you why you should be happy that they just chased off a mugger. "You wouldn't like it if the mugger was kicking you like THIS and THIS, would you?" No officer.
-
@taylonr said:
Gotta love Maillmarshall. We use it here, and I've heard this type of complaint several times.
"What's the point of blocking the email if you're going to tell me all the bad words you didn't want me to see in the first place?"
It saves time. Now that you can see all the bad words right away, you don't need to read the email.
Our mail filter would complain about all that X'ed out data. Obviously references to XXX porn.
-
@rc_pinchey said:[Personally, I think it would make most sense to tell the SENDER of the email, NOT the recipient, which words were blocked. The current system is just stupid...
Right, at work I can control my language, not the sender's. ALSO its external communications. If I was talking to my boss I would not use that language, but to a friend, different story, ill tell him about those fuckers who got shit faced!
-
I disagree, this is the best censorship ever: Blugrbutt
-
You just forgot to use the <earmuffs> tag in your email:
<earmuffs>
Fuck. Shit. Cock. Pussy. Balls.
</earmuffs>
-
Well, since the intent of mailmarshall is to block spam and other offensive material, it would be best to just say it was blocked due to possibly offensive words. If it's your friend (and you would know because it tells you the email address) you could tell your friend it got blocked because of language, and they could resend it (although I admit bugger is a stupid word to block). Probably shouldn't be sending those types of words to a corporate email anyway (regardless of it's from inside or outside) use hotmail or something.
-
@taylonr said:
Gotta love Maillmarshall. We use it here, and I've heard this type of complaint several times.
"What's the point of blocking the email if you're going to tell me all the bad words you didn't want me to see in the first place?"
It's only the context that makes words profane. When the surrounding words give meaning to a curse word, it becomes like a bomb in a crowded Iraqi market place with the surrounding words being like civilians. However, when context has been removed, the profanities become as safe as a newborn kitten.
-
@Sad Bug Killer said:
I disagree, this is the best censorship ever: Blugrbutt
WTF? This can't be really happening at that website, can it? I about fell off my chair laughing at this stuff! Somebody is asleep at the switch.
-
clbutty
-
In the company's defense, I can see the merits in putting a system like this in place for outgoing email. For many business it just wouldn't do to allow that kind of thing accidently go out to clients. But incoming? When the message is obviously part of a conversation thread where previous messages have passed?
That gives me an idea... I wonder if you could improve spam filter performance noticabley by identifying messages that are part of conversation threads in the which the recipient has already partipated, and giving them a much lighter spam check. It certainly wouldn't matter for one inbox unless you could also use it to improve accuracy (which I guess at least in this case it would have), but say you're running a large system that checks a few million messages per day?
-
@jcoehoorn said:
That gives me an idea... I wonder if you could improve spam filter performance noticabley by identifying messages that are part of conversation threads in the which the recipient has already partipated, and giving them a much lighter spam check. It certainly wouldn't matter for one inbox unless you could also use it to improve accuracy (which I guess at least in this case it would have), but say you're running a large system that checks a few million messages per day?
SMTP is just so fucking weak though, it's utterly trivial to spoof just about anything, including this suggestion (which otherwise seems to have merit). We really need a more secure and reliable email protocol instead of yet more heavy-handed filtering and analysis systems that treat the symptom rather than the cause.
My personal favourite relates to a list of schoolkids which was sent for legitimate purposes - blocked on account of lots of occurrances of "free", "teen" and "sex".
-
@morbiuswilters said:
It's only the context that makes words profane. When the surrounding words give meaning to a curse word, it becomes like a bomb in a crowded Iraqi market place with the surrounding words being like civilians. However, when context has been removed, the profanities become as safe as a newborn kitten.
Ahahah, yeah, nice use of sarcasm here, just mark it with a tag next time. For one moment I was thinking you really believe this. But of course you were using sarcasm so it's all fine.
-
@mfah said:
SMTP is just so fucking weak though, it's utterly trivial to spoof just about anything, including this suggestion (which otherwise seems to have merit). We really need a more secure and reliable email protocol instead of yet more heavy-handed filtering and analysis systems that treat the symptom rather than the cause.
How is this particularly spoofable? If I respond to a message the user gets added to my whitelist automatically. I suppose somebody could figure out the addresses of some people in my whitelist and spoof those, but that's not very likely. Additionally, how is removing spoofing going to dramatically reduce the amount of spam? Fighting spam pretty much requires deep content inspection and pattern analysis and will probably always be a problem.
Edit: I should add that such a "whitelist addresses you respond to" feature exists in a lot of spam filtering software.
-
@Sad Bug Killer said:
I disagree, this is the best censorship ever: Blugrbutt
I like the phrase: (rebreastled "Dueling Banjos").
Incidentally, dictionary says that "tit" also means a small European bird. Ornithologists better accept that they should call these birds "breasts".
-
@fist-poster said:
I like the phrase: (rebreastled "Dueling Banjos").
I think that you're still overestimating the ability of such delicate people to accept borderline-profane words like "breast". Better if we refer to these birds as "mammary glands".Incidentally, dictionary says that "tit" also means a small European bird. Ornithologists better accept that they should call these birds "breasts".
-
@Sad Bug Killer said:
I disagree, this is the best censorship ever: Blugrbutt
That's what we on tdwtf call a clbuttic mistake.
-
@mfah said:
SMTP is just so fucking weak though, it's utterly trivial to spoof just about anything, including this suggestion (which otherwise seems to have merit). We really need a more secure and reliable email protocol instead of yet more heavy-handed filtering and analysis systems that treat the symptom rather than the cause.
Actually, there are challenge-response systems that work like this. It's easy to recognise if the message is part of an existing conversation by looking at the References header - when you reply to a message, it's Message-Id will be added at the beginning of existing References header, and the Message-Id will also be copied to the In-Reply-To header. Smart e-mail clients use these headers for threading, and since only the sender, receiver and the hosts which the message passed know the message IDs it's very unlikely for a spammer to get in their possession fast enough to be useful for him (assuming nobody on the path is infected with a spambot).
-
@ender said:
Actually, there are challenge-response systems that work like this. It's easy to recognise if the message is part of an existing conversation by looking at the References header - when you reply to a message, it's Message-Id will be added at the beginning of existing References header, and the Message-Id will also be copied to the In-Reply-To header. Smart e-mail clients use these headers for threading, and since only the sender, receiver and the hosts which the message passed know the message IDs it's very unlikely for a spammer to get in their possession fast enough to be useful for him (assuming nobody on the path is infected with a spambot).
Weaksauce. Many mail clients are too retarded to handle Message-Ids properly and it quickly breaks down when you have multiple people copying and replying to each other. That's why it's better to just automatically add anyone you email to your address book so they don't get scanned for spam. That doesn't solve everything, but it reduces false positives. Add in well-maintained lists of spammer domains and IPs as well as Bayesian filtering and you have a pretty decent mail filtering system. I hate SMTP for a lot of reasons, but you can't solve spam with a new protocol. Removing spoofing will defeat some spam and phishing attacks, but spammer efforts will just be redirected to other avenues. As long as spam is profitable and you can send an email to anyone in the world, we will have to deal with it. Luckily, it's very manageable nowadays.
-
@morbiuswilters said:
Weaksauce. Many mail clients are too retarded to handle Message-Ids properly and it quickly breaks down when you have multiple people copying and replying to each other. That's why it's better to just automatically add anyone you email to your address book so they don't get scanned for spam. That doesn't solve everything, but it reduces false positives. Add in well-maintained lists of spammer domains and IPs as well as Bayesian filtering and you have a pretty decent mail filtering system. I hate SMTP for a lot of reasons, but you can't solve spam with a new protocol. Removing spoofing will defeat some spam and phishing attacks, but spammer efforts will just be redirected to other avenues. As long as spam is profitable and you can send an email to anyone in the world, we will have to deal with it. Luckily, it's very manageable nowadays.
There are a few retarded e-mail clients (mostly badly written webmail software - I'm looking at you, Yahoo) that skip the References an In-Reply-To headers altogether (if your client does threading, you easily recognise the people using them, since all of their messages start new threads), but most e-mail clients have no problems. Trusting the References/In-Reply-To headers is a bit more secure than trusting the From (or envelope mail from:), since it's much harder for a spammer to get in possession of a valid Message-Id (we all know how From headers are forged).
Anyway, in my experience, you can block about 95% of all spam by using greylisting, sleeping a few seconds before responding to each command and not accepting any e-mail from hostnames that have cable, dial-up or adsl in the first half of their name.
-
@ender said:
There are a few retarded e-mail clients (mostly badly written webmail software - I'm looking at you, Yahoo) that skip the References an In-Reply-To headers altogether (if your client does threading, you easily recognise the people using them, since all of their messages start new threads), but most e-mail clients have no problems. Trusting the References/In-Reply-To headers is a bit more secure than trusting the From (or envelope mail from:), since it's much harder for a spammer to get in possession of a valid Message-Id (we all know how From headers are forged). Anyway, in my experience, you can block about 95% of all spam by using greylisting, sleeping a few seconds before responding to each command and not accepting any e-mail from hostnames that have cable, dial-up or adsl in the first half of their name.
How likely do you think it is a spammer is going to get ahold of my address book, though? Additionally, the only value in SPF is in preventing envelope forgery, so if it was widely implemented it would increase the effectiveness of this technique. It is simple and relatively foolproof. I personally dislike greylisting because it abuses the protocol, but almost all programs that touch email violate the protocol in some way. I also dislike having to wait for emails to arrive because the recipient's server is using greylisting. It also depends on your scale. Greylisting doesn't work well if spammers know you are using it and large providers like Yahoo would never get away with it. The cable/dsl trick is so-so. You can end up blocking some legit business customers on cable or DSL lines that way. For a personal mail server it's probably fine, but I would never get away with it. My general technique is to use blacklists to increase a score, moving on to simple regexes for stuff like "viagra" and then on the Bayesian. You can also profile a particular domain/IP that way and move it up or down in your own personal blacklists and whitelists based on Bayesian hits, etc.. Add in some tarpitting for the most aggressive spammers and you're set.
-
@morbiuswilters said:
Greylisting doesn't work well if spammers know you are using it and large providers like Yahoo would never get away with it.
Until recently greylisting has worked very well (unless the sending e-mail server was running Exchange - there would be some very bizarre problems with some versions of it, though they're not limited to greylisting but to handling of 4xx responses in general), but recently smarter bots have appeared that can get past greylisting. As for large providers not getting away with it, the Academic and Research Network of Slovenia (which also offers free dial-up and very cheap DSL/cable access to students) uses it. And they're anything but small.@morbiuswilters said:The cable/dsl trick is so-so. You can end up blocking some legit business customers on cable or DSL lines that way.
If you're on a business DSL, you should either get your PTR record fixed (since this is a business DSL line, it shouldn't be a problem - the ISPs here will set the PTR for any customer that chooses to have a static IP), or you should be relaying the e-mails through the ISP's server.
-
@morbiuswilters said:
It's only the context that makes words profane.
Reminds me of the old (Carlin?) adage about how it's OK to prick your finger, but not the other way round...
-
@DaveK said:
@Sad Bug Killer said:
It was definitely clbuttic.I disagree, this is the best censorship ever: Blugrbutt
That's what we on tdwtf call a clbuttic mistake.
-
@ender said:
Until recently greylisting has worked very well (unless the sending e-mail server was running Exchange - there would be some very bizarre problems with some versions of it, though they're not limited to greylisting but to handling of 4xx responses in general), but recently smarter bots have appeared that can get past greylisting. As for large providers not getting away with it, the Academic and Research Network of Slovenia (which also offers free dial-up and very cheap DSL/cable access to students) uses it. And they're anything but small.
Not saying greylisting doesn't work at all and never did, just saying that it is 1) irritating, 2) non-compliant, 3) less and less useful as more people use it and 4) not very useful if you are a large, well-known provider. As one of my past jobs has been for a large spam filtering company that handles many millions of messages per day, I do have some idea of what I am talking about. :-) Still, if it works for you, then keep on using it.
-
@RayS said:
@fist-poster said:
I like the phrase: (rebreastled "Dueling Banjos").
I think that you're still overestimating the ability of such delicate people to accept borderline-profane words like "breast". Better if we refer to these birds as "mammary glands".Incidentally, dictionary says that "tit" also means a small European bird. Ornithologists better accept that they should call these birds "breasts".
Ok, let's try that...
We have a pair of mammary glands nesting in our garden. My sons and I regularly put out nuts for them and derive great pleasure from their frolicsome antics.
Yeah, that works.
-
@upsidedowncreature said:
@RayS said:
@fist-poster said:
I like the phrase: (rebreastled "Dueling Banjos").
I think that you're still overestimating the ability of such delicate people to accept borderline-profane words like "breast". Better if we refer to these birds as "mammary glands".Incidentally, dictionary says that "tit" also means a small European bird. Ornithologists better accept that they should call these birds "breasts".
Ok, let's try that...
We have a pair of mammary glands nesting in our garden. My sons and I regularly put out testicles for them and derive great pleasure from their frolicsome antics.
Yeah, that works.
FTFY. Or should it say "male generative glands" instead?
-
@bstorer said:
FTFY. Or should it say "male generative glands" instead?
Gonads.
-
@RogerC said:
A partial explanation is that that site's really just a collection of posts from alt.music.bluegrass; with the context and attribution filed off, presumably to serve as a cheap source of legitimate-looking and dynamic "content" to be coated with ads and served to unsuspecting visitors. For example, here's the original post for the quoted page. Still, even if the site's just a completely automated Usenet ripoff scam, you'd still expect the owners to at least look at the output from time to time.@Sad Bug Killer said:
WTF? This can't be really happening at that website, can it? I about fell off my chair laughing at this stuff! Somebody is asleep at the switch.I disagree, this is the best censorship ever: Blugrbutt
(The real WTF being that I had to link to Google Froups for "alt.music.bluegrass", since the forum software apparently doesn't understand news: URLs.)
