RE: Spammers hapless fate = ISP toil and sweat
So.. Sysadmin's have a range of techniques for stopping unsolicited mail, but everytime it's used, a new way is found to get around it. This sounds to me like spam is going to go on forever. Earlier on in this discussion, it was mentioned that spammers use test accounts to see if they get mail back - if you spam, you need to know how effective you are so that you can punish whoever tries to stop you etc. It makes sense. So why not focus upon making the spammers think they have succeeded. If there is a way of stopping spam to all but the test accounts then we are on a winner ;-) Maybe spammers could even get sloppy, if they thought that their work was successful. Any ideas as to how this could be achieved? As a second way of stopping spam, I think Europe has to push for a very clear law which defines spamming and can be used to prosecute those that are careless enough to give away their origins. Currently being a spammer could be deemed as a bit of a "buzz" - trying to beat the sysadmins at their own game etc. How about making spammers realise that they're disliked and are on a very fine line towards getting locked up ...seriously, if spamming is to be stopped for good, unfortunately spammers will have to be shown zero tolerance in legal terms. Either this will be achieved through court cases based on existing laws (such as the Portugese "unsolicited use of resources" law) or through new legislation specific to spam. Does anyone have access to legal resources who would be able to point us in the right direction? OK, I accept I have committed a bit of a "faux pas" mentioning Law ;-) but as far as I see, we are all having our resources used to devalue the commodity we trade in - Internet, and the only way to stop this is to 1. Make spammers think they're winning when they're not and 2. Make spammers pay for their abuse ten times over until they get the message that European ISPs will not tolerate abuse of their resources. Otherwise, as is the situation currently, our message will be "we don't like them, but will continue to play the game by your rules". Regards, Toby Williams BusinessNet UK - Internet for Business -----Original Message----- From: Poul-Henning Kamp [SMTP:phk@critter.freebsd.dk] Sent: 17 September 1997 19:54 To: Ina Faye-Lund Cc: local-ir@ripe.net Subject: Re: Spammers hapless fate = ISP toil and sweat In message <3.0.1.32.19970917202718.0190e980@online.no>, Ina Faye-Lund writes:
At 16:01 17.09.97 +0200, Poul-Henning Kamp wrote:
Have RIPE send a formal letter to AGIS and the IEMMC who houses most of these creep, and tell them that either they will cease to send spam to the following list of top level domains: {be, dk, ...} effectively today or the RIPE will orchestrate a pan-european filtering of all AGIS and IEMMC member networks until such filtering is in place. It should be pretty simple to simply filter all routes based on AGIS AS#(s), and maybe inject a bogus route for the IEMMC members networks.
That sounds like a good idea. Hmm... What about rejecting in the router; access-lists? That's what we mostly use, and that would
Simply deny all routes that originate in AS4200 :-) -- Poul-Henning Kamp FreeBSD coreteam member phk@FreeBSD.ORG "Real hackers run -current on their laptop."
Toby Williams said:
Does anyone have access to legal resources who would be able to point us in the right direction? [...]
Allegedly Monday's LINX meeting delegated me to work on this, but I haven't officially been told yet. Later today, apparently. -- Clive D.W. Feather | Work: <clive@demon.net> | Tel: +44 181 371 1138 Director of | Home: <clive@davros.org> | Fax: +44 181 371 1037 Software Development | Demon Internet Ltd. |
On Thu, 18 Sep 1997 13:50:33 +0100 (BST) "Clive D.W. Feather" <clive@demon.net> wrote:
Allegedly Monday's LINX meeting delegated me to work on this, but I haven't officially been told yet. Later today, apparently.
I don't remember you being named out apart from the action given to you on the previous LINX meeting. As for spam, the first and most important issue regarding this is to educate users and vendors into securing their mail transport agents so that they _DO_NOT_ automatically relay any email that is sent to them. Microsoft, sendmail and others are all guilty of this, [mostly for backwards compatibility reasons]. Fix that and then the spammers have to pay for their own resources... Regards, Neil -- Neil J. McRae - Alive and Kicking. C O L T I N T E R N E T neil@COLT.NET Ascend GRF: 100% CpF [Cisco protection Factor] Free the daemon in your <A HREF="http://www.NetBSD.ORG/">computer!</A>
Neil J. McRae said:
Allegedly Monday's LINX meeting delegated me to work on this, but I haven't officially been told yet. Later today, apparently. I don't remember you being named out apart from the action given to you on the previous LINX meeting.
Which was to do with something else, not spam. Okay, I must have misunderstood what I was told. Phew. -- Clive D.W. Feather | Work: <clive@demon.net> | Tel: +44 181 371 1138 Director of | Home: <clive@davros.org> | Fax: +44 181 371 1037 Software Development | Demon Internet Ltd. |
Much as I wouldn't like to be seen agreeing with Neil, but his last point below is the most constructive comment to date. The delivery of email is a co-operative process, spammers (who don't relay through you) are NOT stealing your resources. They are using a valid distribution method to deliver email to your customers. If they generate all their spam via their own server (and I know some [most?] don't) then I think you are obliged to deliver it. Also any ISP who black-holes parts of the 'net is in danger of having their competitors use it against them in marketing material... Matt. -- Views expressed at not necessarily those of my employer. "Neil J. McRae" <neil@colt.net> added to the discussion:
I don't remember you being named out apart from the action given to you on the previous LINX meeting.
As for spam, the first and most important issue regarding this is to educate users and vendors into securing their mail transport agents so that they _DO_NOT_ automatically relay any email that is sent to them.
Microsoft, sendmail and others are all guilty of this, [mostly for backwards compatibility reasons]. Fix that and then the spammers have to pay for their own resources...
Regards, Neil
On Fri, 19 Sep 1997 09:48:28 +0100 Matt Ryan <matt@planet.net.uk> wrote:
Much as I wouldn't like to be seen agreeing with Neil, but his last point below is the most constructive comment to date. The delivery of email is a co-operative process, spammers (who don't relay through you) are NOT stealing your resources. They are using a valid distribution method to deliver email to your customers. If they generate all their spam via their own server (and I know some [most?] don't) then I think you are obliged to deliver it.
Also any ISP who black-holes parts of the 'net is in danger of having their competitors use it against them in marketing material...
Yah, I wouldn't filter out any part of the net, unless it was damaging my services or my network, I do inform our customers of the dangers in having an open relaying mail server however. Technical solutions work short term but the spammer will always be back. Until the day when the users find spam as socially unacceptable as drink driving. Cheers, Neil. -- Neil J. McRae - Alive and Kicking. C O L T I N T E R N E T neil@COLT.NET Ascend GRF: 100% CpF [Cisco protection Factor] Free the daemon in your <A HREF="http://www.NetBSD.ORG/">computer!</A>
participants (4)
-
Clive D.W. Feather -
Matt Ryan -
Neil J. McRae -
Toby Williams