Suresh, The Anti-Spam Man. According Suresh, spam is basically transference of cost. It transfers the costs to others who haven't asked for it: the spammers' ISPs, the recipients' ISPs, the recipients.

As you can see Andre, who qualifies the highest profit of ISPs (260 billion spam and scam per day) as being a cost transfer from the spammer to the ISP, has to be considered with caution.

David Conrad - Chief Technology Officer - ICANN staff. His team developed one the first TCP/IP packages for the original IBM PC, Director General of APNIC, Nominum Inc, CloudFlare, performing roles at ICANN and general manager of the IANA. A expert with a remarkable curriculum. :)

But Andre, he is doing what he is paid to do - to defend what he has created.

So Andre, in an anti-spam wg, you cannot take seriously criticism about your correct anti-conformism with the lack of good ethics of this rotten and dishonest system they created. The offenses like "messianic complex" only indicate the fear they have of making public the illegal activity of the system. As wrote Simon, they will just have to agree to disagree. Are the foxes caring the henhouse.

Until

Marilson

From: anti-abuse-wg-request@ripe.net

Sent: Wednesday, January 04, 2017 9:00 AM

To: anti-abuse-wg@ripe.net

Subject: anti-abuse-wg Digest, Vol 62, Issue 5

Send anti-abuse-wg mailing list submissions to
anti-abuse-wg@ripe.net

To subscribe or unsubscribe via the World Wide Web, visit
https://lists.ripe.net/mailman/listinfo/anti-abuse-wg
or, via email, send a message with subject or body 'help' to
anti-abuse-wg-request@ripe.net

You can reach the person managing the list at
anti-abuse-wg-owner@ripe.net

When replying, please edit your Subject line so it is more specific
than "Re: Contents of anti-abuse-wg digest..."

Today's Topics:

   1. Re: DNS Abuse, Abuse of Privacy & Legitimizing Criminal
      Activity (ox)
   2. Re: DNS Abuse, Abuse of Privacy & Legitimizing Criminal
      Activity (Rob Evans)
   3. Re: DNS Abuse, Abuse of Privacy & Legitimizing Criminal
      Activity (ox)

----------------------------------------------------------------------

Message: 1
Date: Wed, 4 Jan 2017 09:16:02 +0200
From: ox <andre@ox.co.za>
To: David Conrad <drc@virtualized.org>
Cc: anti-abuse-wg@ripe.net
Subject: Re: [anti-abuse-wg] DNS Abuse, Abuse of Privacy &
Legitimizing Criminal Activity
Message-ID: <mailman.4.1483527602.30829.anti-abuse-wg@ripe.net>
Content-Type: text/plain; charset=US-ASCII

On Tue, 3 Jan 2017 23:05:07 -0800
David Conrad <drc@virtualized.org> wrote:
> Andre,
> On Jan 3, 2017, at 10:43 PM, ox <andre@ox.co.za> wrote:
> >> On Jan 3, 2017, at 9:57 PM, ox <andre@ox.co.za> wrote:
> >>> When respected Internet Engineers and organizations develop
> >>> standards for Internet software that completely ignores ethics,
> >>> morality, honesty and is pale and anemic in the truth department?
> >>
> >> You've developed quite the messianic complex here.
> >>
> > You do not say why this is not true. or not factual. or not correct.
>
> Because empirically, Internet Engineers (whoever they may be) and
> organizations document protocols and bit patterns expressed across
> wires. These protocols are tools that are neutral in terms of ethics,
> morality, and honesty. How those tools are used and by whom is what
> results in whether that are ethical, moral, or honest. You are
> blaming the tool for the (presumed) failings of it users.
> However, in this context, you presume to know The Truth. Such
> certainty must be quite reassuring.
>

Your comments in your entire reply, is the same. Let me place your own
argument, in context, for yourself:

Your argument is that someone making a nuclear weapon is not responsible for the use of a
nuclear weapon.

Yes, I do know my truth. I know my own ethics. I know my own morality. I know myself.

I know right from wrong, if you want to make this about my own ethics.

I would venture that I am not alone in my understanding of what is good
and what is evil.

Let me try to help you with that, as you seem to have a real problem:

It is always wrong to lie.

it is wrong to hide the truth of your lies (deception/falsehood)

It is EVIL to declare that as "normal" behavior

It is EVIL to support lies, falsehoods and suppression of knowledge.

hth

Andre

> >> Yow. RPZ is a tool. You don't like that tool? Don't use it. You
> >> care about the "truth"? Do your own DNSSEC validation.
> > Sure, there are many tools, hacker tools, 0day scripts (for kidd1eS)
>
> If you cannot tell the difference between a tool I choose to deploy
> to protect myself and the users I am responsible for (who can also
> opt out if they so choose) and a tool that allows me to attack
> external users, I doubt continued discussion is worthwhile.
>
> > Why do you not discuss the real issues?
>
> As far as I can tell, you have not identified any real issue, either
> here or on DNSOP. You have, like religious preachers, declared your
> view on ethics, morality, honesty, and truth, as axiomatic but not
> discussed real issues that affect the development of tools to help
> reduce abuse (relevant to this list) or the implementation of the
> protocol (relevant to DNSOP). When you do so, perhaps then there
> might be a discussion.
>
> > The truth is: I do not have a messianic complex
>
> It appears the truth is you believe you know The Truth.
>
> > The truth is, very obviously, you do not care about the truth :)
>
> If you say so, it must be true.
>
> Regards,
> -drc
> (speaking only for myself)
>
>

------------------------------

Message: 2
Date: Wed, 4 Jan 2017 09:31:37 +0000
From: Rob Evans <rhe@nosc.ja.net>
To: anti-abuse-wg@ripe.net
Subject: Re: [anti-abuse-wg] DNS Abuse, Abuse of Privacy &
Legitimizing Criminal Activity
Message-ID: <6bd5d9a3-c1ab-75cd-f2d3-783684a17b3e@nosc.ja.net>
Content-Type: text/plain; charset=windows-1252; format=flowed

Hi,

>> The presumed draft you're unhappy about
>> (https://datatracker.ietf.org/doc/draft-vixie-dns-rpz/) is
>> informational. It is not a standard.
>>
> not yet a standard. operational word, I guess, is yet. so there is
> still time to create awareness and to speak out.

More than that, it hasn't yet been adopted by the dnsop working group in
the IETF, where a similar discussion is happening, and I don't believe
the authors have stated an aim for an individual submission RFC.

Raising awareness of RPZ is good, however it's an operational tool that
many service providers and enterprises might want in their arsenal (even
if as an opt-in).

The best place to discuss furthering (or otherwise) RPZ is likely to be
on the IETF's dnsop list.

Cheers,
Rob

------------------------------

Message: 3
Date: Wed, 4 Jan 2017 12:26:02 +0200
From: ox <andre@ox.co.za>
To: Rob Evans <rhe@nosc.ja.net>
Cc: anti-abuse-wg@ripe.net
Subject: Re: [anti-abuse-wg] DNS Abuse, Abuse of Privacy &
Legitimizing Criminal Activity
Message-ID: <mailman.5.1483527602.30829.anti-abuse-wg@ripe.net>
Content-Type: text/plain; charset=US-ASCII

On Wed, 4 Jan 2017 09:31:37 +0000
Rob Evans <rhe@nosc.ja.net> wrote:
> >> The presumed draft you're unhappy about
> >> (https://datatracker.ietf.org/doc/draft-vixie-dns-rpz/) is
> >> informational. It is not a standard.
> > not yet a standard. operational word, I guess, is yet. so there is
> > still time to create awareness and to speak out.
> More than that, it hasn't yet been adopted by the dnsop working group
> in the IETF, where a similar discussion is happening, and I don't
> believe the authors have stated an aim for an individual submission
> RFC.
> Raising awareness of RPZ is good, however it's an operational tool
> that many service providers and enterprises might want in their
> arsenal (even if as an opt-in).
>
This is also maybe a good discussion to have in an abuse wg on a
different thread:Why "DNS Firewalls" and RPZ is the wrong abuse tool to
use or why it is a "good tool" for providers and enterprises to use.
Whether "walled off Internet gardens" is a good thing for abuse and how
that balances out with freedom, openness and the other pesky problems.

About this thread though, it is very important that any inkling of this
becoming an RFC needs to generate much more interest and involvement
than DNS ops.

Judging from where RPZ is at now: Adding DECEPTION to LIES, and
producing different lies depending on which user is asking the questions,
is patently and clearly not good.

Arguments that we need to become killers because there are killers is
simply not in the best interests of a free and open society.

DNS ops quite obviously cannot be objective, AND they cannot be left
alone with this issue. It is clear where this laissez-faire re RPZ has
led and produced over the past 7? years!

And abuse admins will be directly impacted by the adoption of this as a
standard.

> The best place to discuss furthering (or otherwise) RPZ is likely to
> be on the IETF's dnsop list.
>
Not really. (and I have already done that anyway)

It is the DNS Op's whom are in need of protection against themselves.
As I said above, the drift over the past years has been to use non
ethical, dishonest methods (and now also to even use deception and hide
their lies) - Non acceptable and the abuse admins and others need to
become involved as the situation is not fixing itself.

It is the entire methodology and flawed foundation of the entire RPZ
protocol that is in question.

if you build a house foundation in clay, your walls will crack.

If the majority here agrees that RPZ is evil, then we may start
discussing why DNS is better used as a reactive abuse tool and poorly
suited to "firewall" use and that it is completely wrong to promote a
method that involves promoting dishonesty.

If the majority does not agree that RPZ is evil, as you seem not to
yourself? then we still need to discuss the WHY you think it is not
evil and why you think it is a good idea to tell different lies to
different users and to hide the truth from your own users, etc etc

Andre

End of anti-abuse-wg Digest, Vol 62, Issue 5
********************************************