Holomaxx doubles down

Holomaxx has, as expected, filed a motion in opposition to the motion to dismiss filed by both Yahoo (opposition to Yahoo motion and Hotmail (opposition to Microsoft motion). To my mind they still don’t have much of an argument, but seem to believe that they can continue with this.
They are continuing to claim that Microsoft is scanning email before the email gets to Microsoft (or Yahoo) owned hardware.

Holomaxx has sufficiently alleged that Microsoft intercepted and scanned the contents of Holomaxx!s emails ” in transit without consent by using Bayesian techniques and a collaborative filtration system before the emails reached Microsoft’s servers […]

Best I can figure Holomaxx seems to have convinced their lawyers that “Bayesian techniques” are some sort of magic, psychic filters that can look at packets on a wire and see what’s in them. This is so far from the truth as to be ludicrous.

Bayesian classifiers work by correlating the use of tokens (typically words, or sometimes other things), with spam and non spam e-mails and then using Bayesian inference to calculate a probability that an email is or is not spam.

A Bayesian filter is software. It has to run on hardware somewhere. Someone owns that hardware. In this case, it’s Micosoft and Yahoo.
I can see that Holomaxx is trying to get across that the filtering happens before the ISPs accept the emails. But this doesn’t mean the filters aren’t running on hardware owned by Yahoo or Microsoft. It is possible to content filter email during the SMTP transaction, often referred to as “on the wire.” But, in reality, the filters are still running on hardware owned by the recipient’s ISP. The receiver is just looking at the mail before it makes a decision whether or not to accept responsibility for delivering the email to the final recipient.
A new argument in this motion is that the emails were all confidential and that Holomaxx had a reasonable expectation that the mails would not be overheard or recorded. I’m not sure the advertisements Holomaxx has used as examples (Free HBO from Dish Network!) are actually confidential.  As a layperson I find it hard to see how this argument will work.
Holomaxx also doubles down on their argument that the MAAWG abuse desk best practices document is an objective industry standard.

Yahoo makes much about the fact that the MAAWG Abuse Desk Common Practices paper was from an October 2006 meeting. This is a mischaracterization of the document. The document specifically states that it was assembled with feedback received in sessions from three MAAWG meetings beginning in October 2006. (See Request for Judicial Notice submitted by Yahoo in support of MTD, Ex. 1.) The document was published in October 2007. (Id.) Regardless if it is 3 1⁄2 years old, no other set of practices have been promulgated by MAAWG or any other group concerning the topic of filtered emails. Until that happens, the MAAWG Abuse Desk Common Practices paper serves as the only industry guidelines or standard on that topic.

Once again, the document in question is not a standards document. Holomaxx conveniently ignores what the actual document is about: Abuse desk common practices. In many ISPs, abuse desks do not deal with blocking issues at all. The committee chose to comment on this because some abuse desks handle both inbound and outbound abuse. We’ll see what the judge says, though. I think that Holomaxx is taking the document totally out of context in order to demand, somehow, that their mail shouldn’t be blocked.
There is a hearing on both cases July 15th. I’m considering going down to the courthouse to listen in on the arguments.
Previous blog posts on the Holomaxx case:

Related Posts

Breaking through the script

In handling day to day issues I use the ISP designated channels. This means I frequently get dragged into long conversations with people, probably outsourced to the far east, who can do nothing beyond send me a boilerplate.
This can be a frustrating experience when the issue you’re trying to deal with is not handled by the script. Generally, by the time someone has come to me for help, they are “off script” and I do need to actually talk to a human to get resolution.
With Hotmail, I’ve found that persistent repeating of very simple phrases will eventually get the issue kicked up to someone who can respond with something beyond another boilerplate. This can take days, but it is possible.
I’ve recently run into a Yahoo issue where I am trying to punch through the script, but have so far been unable to.
One of the services Word to the Wise offers is whitelisting. I collect info from customers, verify that what they’re doing will get them whitelisted at the ISPs that offer it, and then submit the information to the ISPs. Yahoo has recently moved to an online submission form for their whitelisting process, which is great for me. No more creating a giant document and then cutting and pasting the document into an email and then mailing it off.
The problem is, there seems to be a minor problem with the Yahoo Whitelisting submission form. When submitting an online application to Yahoo, they respond with a message that says “this application is not complete.”
I’ve been attempting to break through the script in order to find out what about the application is not complete. The webform has data checking, and you cannot submit a form while leaving any of the questions blank. Asking “what is wrong” when the application is kicked back has resulted in me having multiple copies of the whitelisting submission form.
It’s gotten so frustrating that I’ve escalated to personal contacts, but they can’t explain what’s not complete about the application as submitted online, either.
Has anyone had any success breaking through the Yahoo script? Has anyone managed to get IP addresses whitelisted through Yahoo using the online form?

Read More

MAAWG: Just keeps getting better

Last week was the 22nd meeting of the Messaging Anti-Abuse Working Group (MAAWG). While I am prohibited from talking about specifics because of the closed door nature of the group, I can say I came out of the conference exhausted (as usual) and energized (perhaps not as usual).
The folks at MAAWG work hard and play even harder.
I came away from the conference feeling more optimistic about email than I have in quite a while. Not just that email is vital and vibrant but also that the bad guys may not be winning. Multiple sessions focused on botnet and crime mitigation. I was extremely impressed with some of the presenters and with the cooperation they’re getting from various private and public entities.
Overall, this conference helped me to believe that we can at least fight “the bad guys” to a draw.
I’m also impressed with the work the Sender SIG is doing to educate and inform the groups who send bulk commercial messages. With luck, the stack of documents currently being worked on will be published not long after the next MAAWG conference and I can point out all the good parts.
There are a couple specifics I can mention. One is the new list format being published by Spamhaus and SURBL to block phishing domains at the recursive resolver. I blogged about that last Thursday. The other bit is sharing a set of security resources Steve mentioned during his session.
If your organization is fighting with any messaging type abuse (email, social, etc), this is a great place to talk with people who are fighting the same sorts of behaviour. I do encourage everyone to consider joining MAAWG. Not only do you have access to some of the best minds in email, but you have the opportunit to participate in an organization actively making email, and other types of messaging, better for everyone.
(If you can’t sell the idea of a MAAWG membership to your management or you’re not sure if it’s right for you, the MAAWG directors are sometimes open to allowing people whose companies are considering joining MAAWG to attend a conference as a guest. You can contact them through the MAAWG website, or drop me a note and I’ll make sure you talk with the right folks.)
Plus, if you join before October, you can meet up with us in Paris.

Read More

Amendment is futile, part 2

When Yahoo filed for dismissal of the Holomaxx complaint, they ended the motion with “Amendment would be futile in this case.” The judge granted Yahoo’s motion but did grant Holomaxx leave to amend. Holomaxx filed an amended complaint earlier this month.
The judge referenced a couple specific deficiencies of Holomaxx’s claims in his dismissal.

Read More