As BAD as Some can be, Others can be GREAT

We interrupt the on-going diatribe between my self and Datapro/Vox Telecom^[1] to bring you Good News for Modern Persons.

In the supermortal words of Hubert Farnsworth, "Good News, Everyone!".

Last eve some mishap caused my DSL model/router to disconnect.  For some while it failed to reconnect: AUTH_FAIL, it said.

Now, my ISP, WebAfrica, whom I hold in very high regard, has been having an occasional little trouble in recent times with their authentication servers.  So: patience is the order of the day.  It was quite late in the day, so my bed called, nothing in my little local network really needed Internet access overnight, so I left matters until the morning, in the hopes that the problems would be resolved without any input on my part.

They were not.

So... Onto the phone this morning.  Less than two rings!  (Contrast this with giving up after an hour on hold last week with Telkom!)  Spoke to a chap who was remarkably candid: "Yes, we have had a problem, and a few accounts seem (for reasons we don't fully understand, yet) to have been stuck in an "inactive" queue.  We're terribly sorry.  I am sorting it out right now [clickety clickety clickety click]; would you like to hold?"

I declined to hold.  The pain of being on hold to Telkom being too fresh in my psyche, I suppose.  After suitable pleasantries I hung up.

A couple minutes later the phone rang.  Same chap from WebAfrica.  " I see that your modem seems to be having some trouble connecting.  Could we please confirm the password it is using to connect...?"

Well, Bugger Me Sideways With A Spoon!  Not only did WebAfrica's support guy sort the problem out instantly, with an ordinary, human-to-human acknowledgment that something had, indeed, gone wrong, but, after I had explicitly said "Ticket closed; I'll call you if there is any further problem." had monitored the situation to make sure that I -- The Lowly Customer -- had been properly sorted out, and called me back to make sure of it!

What am I saying, here?

• I could have raved about not being kept on hold in some support-queue for an hour or longer.
• I could have raved about the great service I received during the handling of my support call.
• I could have raved all night in San Fransisco with the hot chick on her way to Hawaii (but that's another story!)

This guy -- unasked for -- stayed attentive to my little problem until he was as sure as he could be, that it had been solved to my satisfaction.  Not his.  Not Webafrica's.  Mine.

Here's a significant point: None of us (modulo the Absolutely Bloody Minded) is so stupid as to believe that everything Works Flawlessly All the Time.  Shit Happens.  We know this.  When it does, please don't lie to us and use phrasing designed to imply that we, the Customer, are Stupid, Insane and/or Lying!  Please don't pretend that it is Somebody Else's Fault or an Act Of (somebody's) God. (Hello, Telkom!)  If you've fucked up, admit it, apologise, and move on. Nobody will hold it against you.  In fact, given the current climate of Assumed Corporate Infalibilty, we'll sympathise and likely offer to help you fix it!

Just say "Yes.  We Had a problem.  We've fixed it. (OR: Here's what we're busy doing to Fix It.)  We're sorry."

If it is a significant proportion of the working day, offer a credit for the lost service time.  Not difficult, is it?  Not Rocket Science!
I cannot think of a way to praise this enough!

This most recent incident is the perfect exemplar of the sort of brilliant, attentive, honest service  I have unfailingly received from WebAfrica!  I have had a friend^[2] phone me up especially to say, "Thank you for putting me on to WebAfrica as a service provider!  I've since recommended them to at least 15 other people!".

I kid you not!

If anyone in South Africa wants or needs ADSL service, Internet access or web-hosting, do yourself a favour: www.webafrica.co.za. 

Their rates are amongst the lowest around.  Their service is out of all proportion to what you pay!  (i.e. It's brilliant!) If they ever get bought out by Vox Telecom I shall probably have to leave the country -- and even then I won't find an ISP as good!

---

[1] A "keyboard/finger" interaction nearly made that "Pox Telecom", whIch would have been appropriate...


[2] We've known each other over 35 years, now... I think that qualifies as friendship, no?

Taking on the Spammers: Datapro/Vox Telecom - Part 4

Mr Douglas Reed, CEO of Vox Spamacom Telecom, parent company to Datapro, replies:

We run an ISP with over 18,000 corporate customers and 180,000 SME's and
we have customers who utilise various services.  These include list
servers where customers use their own databases and we don't have full
control.  The DataPro and Vox databases are within our control and
consist of individuals and organisations who have provided their details
to us. The reason we have you on our Company database is because you are
obviously listed as a technical contact for some of our customers.  We
cannot offer opt in opt out facilities for our communication to our base
because the news letters communicate important information that the
technical contacts need to be aware of.  However if you want to be
excluded please give us the details and provide us with new technical
contact details.

The other choice is do what the rest of us do and add the user to your
junk mail list.

Interestingly enough this mail ended up in my junk mail folder which
basically means that I received unsolicited mail from this in the past
or you cc'd thousands of people.

Is it just me, or does this sound just a tad arrogant?  What I am hearing: "We're big; that means we can spam with impunity, since we're too big to get blocked." and "Shut up and eat your spam!"

My response:

Dear Mr Reed, On 18/02/2008, Douglas Reed <douglasr@datapro.co.za> wrote:

> The DataPro and Vox databases are within our control and
>  consist of individuals and organisations who have provided their details
>  to us. The reason we have you on our Company database is because you are
>  obviously listed as a technical contact for some of our customers.

The (many) spam emails that form the basis of my complaint to ISPA are directly from Datapro and Vox Telecom; this is not about spam from your customers.  One spam message bears your name as "signatory".

You will note from my earlier correspondence with Maggie Cubitt that I have tried repeatedly, using numerous channels, to "opt out" of these mailing lists, without any success.

Why don't your opt-out procedures work? (As required by the ECT Act.)

Although some of your technical staff are certainly in possession of my email address as "technical contact" for some of our mutual customers, this does NOT extend a license to your companies to send me unsolicited bulk email on ANY subject.

Further, I will note that I have never -- not even once -- receive a bulk message on any technical subject.  The emails forming the basis of my complaint have ALL been of a nature that can only be characterised as "marketing crap".  I did not, ever,  at any stage, give any person or system representing your companies, permission to send me marketing crap.  The fact the your companies have done so is known in the email management industry as "address repurposing" and is considered a sure sign of "spam spoor".

>  The other choice is do what the rest of us do and add the user to your
>  junk mail list. I will repeat what I wrote to Ms Cubbit:

<quote>
having my own email address removed from your mailing lists is of only limited interest to me in this matter.  The larger issue, which it is my main purpose to tackle, is that of Datapro and Vox Telecom blithely spamming, over an extended period of time, continuing in the face of numerous good-faith attempts to unsubscribe, and in direct violation of

1) their own Terms of Service,

2) the email provisions of the ECT Act, and

3) the ISPA's Code of Conduct.
</quote>

The point this: "adding Datapro/Vox Telecom" to my "junk mail list," as you suggest, fails to eliminate or mitigate the primary complaint against spam: the receiver has to pay for it. Putting Datapro/Vox Telecom into my "junk mail list" does not mean that Datapro/Vox Telecom cease being spammers.

To (attempt to) be completely clear on this: since you seem to have overlooked the point:

* This is not about Datapro and Vox Telecom spamming ME.

* This IS about Datapro/Vox Telecom spamming AT ALL.

>  Interestingly enough this mail ended up in my junk mail folder which
>  basically means that I received unsolicited mail from this in the past
>  or you cc'd thousands of people.

Nonsense.

No such conclusion can be inferred.

Having personally administered email and spam-filtering  systems, I can tell you that you cannot draw any such conclusion; thogh it /may/ call into question the competence of the people managing your spam-filtering systems.

>  We run an ISP with over 18,000 corporate customers and 180,000 SME's and
>  we have customers who utilise various services.  These include list
>  servers where customers use their own databases and we don't have full
>  control.

What I read into this is that you believe that your organisations are "too large for the rules to apply".  I have some bad news... There are other organisations far, FAR larger that manage to adequately, and to the full satisfaction  of the anti-spam community, police their customers' mailing lists and email activities.  I am pretty sure that both Outblaze and AOL are larger than your operations; both manage to maintain an impeccable reputation for managing the spam problem and speedily terminating spammy customers.

Of course, neither one spams their customers directly, as your organisations have done.

Part of your (companies') responsibility to the Internet community is to police your customers and their mailing lists.  Ways to do this include monitoring their behaviour, and maintaining and ENFORCING uncompromising Terms of Service.  Your response suggest an unwillingness to do so.  This is a slippery slope.  Next your sales-staff will be writing "pink contracts". (Google for it!)  Should you require access to better expertise than your organisations evidently possess, I shall be glad to forward my consulting rates.

All of this remains (largely) irrelevant.  The numerous spam messages I have received are from your organisations; not from your customers. Your unwillingness to eliminate spam from /within/ is, perhaps, indicative of your willingness to tolerate/profit-from spammy customers from without.

Here is the response I expect: As I see it (prove me wrong?), you have two choices:

1.  Throw away all mailing lists under your control, and start from scratch to build new mailing lists.  Of course you WILL follow established Internet procedures for building permission-base email lists. (Somehow, I doubt this one...)

OR

2.  Send a ONE TIME email to all addresses on your mailing lists, explaining (in full) the situation, expressing your companies' regret that such an unacceptable and untenable situation has come about through the action of a few misguided individuals, and asking the recipients to confirm that they WISH to be subscribed to the relevant mailing list.  Should recipients so confirm their desire to participate, your staff should proceed in the full confidence that those persons have positively opted-IN.  Any email address that fails to reply, or that expresses a desire to opt-OUT must be removed from your databases.

This (second) option should be followed-up with a comprehensive on-going (so that new-hi[r]es get the message, too) educational message from the organisation: "We don't tolerate spam in any shape, manner or form." (together with a detailed explanation of just what that means.)  Your marketing and sales staff may require particularly persistent education.

Forgive my lack of optimism.

Since you (read: your organisations) do not know the email address(es) being spammed, you may be sure that I am in a position to monitor your organisations' actions on this, and will report accordingly.

PS:  You, Mr Reed, might wish to consider that a small one-man consultancy such as myself, may frequently be in a position to make recommendations to customers concerning their choice  of service providers in the Internet Services industry.  Either to recommend providers, or, alternatively, to discourage use of any particular provider.  Your call...

If anybody out there thinks I am being irresponsible or unreasonable (obviously with the exception of any Datapro or Vox Telecom employees or agents!) please, please say so by leaving a comment on this blog.  I promise not to delete any relevant comments...

Let's just note for the record that he failed, completely, to address any single point of substance or question in my response...

Taking on the Spammers: Datapro/Vox Telecom - Part 3 - email Ping Pong

Obviously the spammers thought they could just listwash me and be done.  Here's Datapro's latest response:

Subject: RE: Response to ISPA complaint
Date: Fri, 15 Feb 2008 12:55:45 +0200
From: "Maggie Cubitt" <maggiec@voxtelecom.co.za>
To: "Mike Morris" <me>

Hi Mike Apologies, as I can fully understand your frustration, which is why I am attempting to resolve it comprehensively and finally. I am unable to find the e-mail address mikro2nd@gmail.com on the Contacts database from the DataPro CRM.. and you have extracted the delivery address from your notepad doc. Can I please just confirm that the Newsletter was delivered to the e-mail address mikro2nd@gmail.com?

My response to them:

Maggie Cubitt wrote:

> Apologies, as I can fully understand your frustration, which is why I
> am attempting to resolve it comprehensively and finally.

Please understand that having my own email address removed from your mailing lists is of only limited interest to me in this matter.  The larger issue, which it is my main purpose to tackle, is that of Datapro and Vox Telecom blithely spamming, over an extended period of time, continuing in the face of numerous good-faith attempts to unsubscribe, and in direct violation of

  1) their own Terms of Service,
  2) the email provisions of the ECT Act, and
  3) the ISPA's Code of Conduct.

> I am unable to find the e-mail address mikro2nd@gmail.com on the
> Contacts database from the DataPro CRM.. and you have extracted the
> delivery address from your notepad doc. Can I please just confirm that
> the Newsletter was delivered to the e-mail address mikro2nd@gmail.com?

The spam was not delivered to that email address, but another one.

I am not willing to assist you in listwashing -- the much-loathed practise whereby spammers remove the addresses of the whiners, but continue to blast their unwanted spew out to the Silent Majority Who Just Hit Delete.

I never opted-in to any mailing list belonging to Datapro or Vox Telecom, but was placed on it without my knowledge or consent via person(s) with whom I had contact for purely technical purposes on behalf of my own clients.  This, in turn, means that my email address was repurposed for marketing spam.  In turn Datapro's mailing list was repurposed by Vox Telecom, a company with which I have certainly never had any business relationship.  (Yes, I do understand the relationship between the companies.  No explanation needed.)  Please take note that this is NOT the only list from which I get spammed by Datapro, so your problems are deeper and wider than listwashing a single whiny anti-spam "activist" from a single ill-constructed mailing list or database.

If your lists are NOT fully confirmed-opt-in (and clearly they are not,otherwise I wouldn't be bothering you), then they're spammy lists until you can verify, with a full audit trail, that each and every recipient has positively confirmed their wish to opt in.  Any addresses that cannot be so confirmed must be removed from your databases.  All databases.

The procedure for confirming mailing-list opt-in has been well-established, well-understood, standard practise in legitimate email management for at least the last 30 years, and is correctly implemented by every respectable mailing-list management system.  I would expect an ISP as large as Datapro to be conversant with such established, accepted, and widely-implemented industry-standard, and to have the resources to ensure compliance.  I realise that these practices are somewhat more stringent than required by SA law, but will point out that the ISPA Code of Conduct (para 28) mandates that "ISPA members must operate with due regard for established Internet best practices, as set out in the various request for comment (RFC) documents and as mandated from time to time by established and respected Internet governance structures."  That reads: "established Internet best practices", not "ineffective South African law".  I believe that mailing list operation is covered by RFC-3098 among other resources.

Furthermore, you will, no doubt, have noted that the sample email sent to you is in violation of even the very modest requirements of the ECT Act.  Not to mention the long-term on-going failure to heed good-faith removal instructions as required by the Act.

I trust that Datapro's forthcoming response to this will measure up to the full scope of the organisation's evident ignorance of, or unwillingness to implement, Internet standards and best practise.

Forgive me my skepticism... ;-)

Taking on the Spammers: Datapro/Vox Telecom - Part 2

Yesterday, 14 Feb, the following response to my complaint to the Internet Service Providers' Association about one of their member's spamming activities:

FYI: Mr Reed is the CEO of Vox Telecom (the parent company), so hopefully we've got the attention of a Big Shot.

From: "Maggie Cubitt" <maggiec@voxtelecom.co.za>

To: <me>

Cc: "Douglas Reed" <douglasr@datapro.co.za>



Hi Mike As a listed Telecommunications Company we do take any reports of this

nature extremely seriously. We were very concerned to receive the

notification of your complaint to ISPA, and are obviously anxious to get

this resolved as a matter of urgency.



As there are many companies in the Vox Telecom Group and as DataPro, as

an ISP, does provide a bulk mailing service to customers as well, there

is a possibility that you are on one of our customer's databases.



In order to investigate this properly I would really appreciate if you

could forward me the "February newletter" to which you refer so that I

can investigate this thoroughly for you.



I look forward to your response.



Regards,

Maggie

I have forwarded the most-recent offending email -- "signed" at the bottom by a Mr Gary Sweidan, Datapro's Managing Director, I am sure he is blissfully unaware of the content, or that it is being blasted to a who-knows-how-large list of unwilling , unconfirmed, not-opted-in recipients.

Sadly for them, I redacted out all the recipient email address details and message UUIDS that might server to identify the address it was sent to ;-)

One of the few spammer activities more loathsome than "address repurposing" is listwashing -- removing the whiners from your list whilst blithely continuing to spam the quite ones who Just Hit Delete.

Taking on the Spammers: Datapro/Vox Telecom - Part 1

For well over a year now I've been getting spammed by Datapro (a Vox Telecom subsidiary) with sundry Friendly Newsletters, Product Offers and Special Crap We're Sure Will Interest You.  Now we're in a fight argument complaint-resolution discussion.

Background

Datapro is a fairly large supplier in SA of web and email hosting, ISP services, and all the myriad little bitty services around that.  They're also one of only 15 "Large" members of the Internet Service Providers' Association -- the industry's self-regulation watchdog in SA -- and hence a signatory to ISPA's Code of Conduct, which includes a clause saying, in effect, "members won't support spam or spamming."

I have never been one of Datapro's customers because I think their technical standards are... dodgy... to say the least.  But, I have had contact with some of their technical staff in the course making changes to email, web-hosting and DNS on behalf of some of my clients who do use Datapro as their service provider.  For whatever misguided reasons.  Evidently, some of Datapro's tech staff have had their email address-books "harvested" by The Marketroid Department.  Or Something.  How ever it happened, my email address got repurposed without my knowledge or prior consent.  A major point, here, is that I have never been in a business relationship with this company.

In the anti-spam world "repurposing" is considered a Very Bad Thing, and will result in instant and permanent blacklisting on some aggressively well-run mail servers.

I've lost count of the number of times I have emailed the sender asking, demanding, pleading or threatening legal action, in the interests of getting off their mailing lists.  Countless times I've clicked on the (rarely present) "unsubscribe" links and jumped through web-page hoops to get unsubscribed.  Nary a confirmation have I received.  Nor has any of this actually diminished the volume of crap I get from them.

To add insult to injury, Vox Telecom, the parent company, have in turn taken to spamming their subsidiary's lists.

A Lightbulb Moment

A short while ago, a contact on one of the local Internet-industry mailing lists I haunt, suggested that I lodge a complaint with ISPA.  I must confess that I had never seriously thought about it, but maybe worth a try...

I waited.  Made sure I gathered and archived the evidence.  Then, last Tuesday, I struck: lodged a complaint via the ISPA's webform:

Action The First: The Complaint

NameISP: Datapro/Vox Telecom
name: <redacted>
email: <redacted>
Address: <redacted>
Telephone: <redacted>
Cellphone: <redacted>
SectionCoC: E. Unsolicited bulk mail (spam)
Details:

I have never been a customer of Datapro.  My only interactions with them have been on behalf of my clients, in the course of managing clients' DNS, email, hosting, etc. technical requirements where those services have been provided (at the clients' choice) by Datapro.  As such my interactions have been with technical service personnel only.

During the course of such interactions Datapro staff have, without my consent or prior knowledge, added my email address to various mailing lists that they use to send marketing "newsletters" and advertisements (a.k.a. address repurposing.)

I have on numerous occasions requested that my details be removed from all mailing lists and databases under Datapro's control to no avail.  I have made such requests telphonically, by email, and by clicking through the (rare) unsubscribe links that some of this spam contains.

Finally I have records good enough to prove my point.  Their latest "February newletter", sent in duplicate today, 9 February 2008, is in clear violation of

1) my past instruction to them of 2 August 2007 (and subsequent, evidence-free removal-link-clicking)

2) the ECT Act itself, in failing to meet the information provision and opt-out requirements of the Act, and

3) the ISPA Code of ConductCopies of all relevant emails are available from myself.

Let's see what results...

Quartz Crystal

A very trying couple of days...  Faced with a job that cries out for a decent scheduler (polling feeds), I turned to OpenSymphony's Quartz.  I mean, the ads look so good: Robustness, recoverability, scalability, blah, blah.

First hint of warning I should have paid attention to was a couple of developers' names that I long associate with Doomed Pieces of Shit.  But it all still looked so good.  Until I got closer to the code.  Quartz?  Quartz Crystals for accuracy?  More like Crystal Meth!  Documented methods that mysterious fail to exist.  Examples that aren't.  I thought the JavaDoc got generated from the source, no?  I guess we have here the penetrating stench of Configuration Mismanagement.

Then you enter a twisty little maze of undocumented dependencies.  You will use Commons Logging.  You will use a bunch of J2EE stuff, even though you application is a simple standalone with no hint of J2EE awfulness in sight.

No.  After a day or so of hacking at this steaming turdpile my brain feels like so much oatmeal porridge that I can't even work even work up enough bile for a decently vitriolic blog post.  For me, one of the surest signs of a dying opensource project is when their wikis and forums are filled with spam because nobody can be bothered to disallow Guest users from posting; when the version-control system shows six checkins in the past six weeks.

I'm outa here in favour of Doug Lea's concurrency stuff. What a pleasure by contrast.  I'll live without clustering for now...

3 Apps I Really Want (Open Source Only!)

I'm full of ideas.  Aren't we all?  Eventually, when you reach a hairy old age like me, you realise that There Ain't No Way In The World you'll ever be able to do them all.  This is what makes ideas cheap.  Let me say it again.

Ideas Are Cheap. Implementation Is Everything!

Just occasionally, though, we have ideas that are so good that we really, really want to see them implemented.  But we know, deep down inside our souls, deep down in our secret heart, that we're never, ever going to have the time, energy and stick-with-it-ness to pull the thing off.

Here are three of my ideas:

1. I want a ToDo manager that works like this: Keep my top five ToDo items only. Don't even allow me to put more in.  I must be able to prioritize them.  And they should display at all times as my computer's desktop image.

2. A decent word-processor.  One that fails almost completely to concern itself with formatting.  Perhaps bold, italic and lists -- that's all that's really needed.  On the flipside, though, it should really understand document structure -- sentences, phrases, paragraphs and sections.  And allow me to collapse them.  If I move a heading, move all its subheadings and associated text, too.  In other words, focus me purely on prose, editing prose, tightening up my phrasing, reordering my own words.  Please don't make me fuck around with margins, fonts or colours.  I know that Lyx does something pretty close to this, but its far from pretty, and, frankly, TeX is dead.  Get over it.

3. A social-networky, Web2ish, Ajaxy, <insert-own-buzzword-here> website where people can list their ideas for systems they don't have time to write, and everybody else can vote on the ideas, comment, add/edit the spec (wiki style). Perhaps, just perhaps, some people might choose to pick up those projects and start implementing them.  No bounties.  Sorry, but I'm more broke than you!

Come to think of it, maybe I will implement that last one!  After all, don't the VC pundits all say "Get the simplest thing that functions out the door, and then listen to your user-base."  Here's a way of listening before you even get version 0.0 written!