Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: SPEWS?

  • From: Clayton Fiske
  • Date: Thu Jun 20 14:38:37 2002

On Thu, Jun 20, 2002 at 01:12:20PM -0400, Steven J. Sobol wrote:
> If the offending ISP does not respond, and you have exhausted all avenues
> available to you to get the ISP to get its customer to stop spamming - 
> whether by TOS'ing the customer, education or whatever - then escalation 
> may work if the collateral damage caused by escalation is enough to get 
> the spammers' neighbors to complain to the ISP.
> 
> This principle is based on the fact that an ISP is more likely to listen 
> to its paying customers than to outsiders.

Fair enough. I agree with the idea in spirit. However, care must be
taken to define acceptable criteria. I think the concerns here (at
least my concerns) are that a) some organizations do it before exhausting
other avenues, and b) the avenues for removal from such listings can
be difficult to nonexistent (as is the case with SPEWS, from the sound
of it).

As for specific criteria, I think this is probably where the most
debate lies. If an ISP is a haven for a significant (yes, that is
a subjective term, but humor me) number of spammers, or if they have
either actively refused to solve the problem or allowed a spammer to
evade filtering by renumbering into a new block, then I'd say this
is a reasonable action to take against them. However, if it is only
one or two problem customers, and they are not being evasive, renumbering,
etc then I'm not so sure the end justifies the means. After all, you
do have the means to avoid receiving the spam (such as listing them
on a blackhole list).

I think one must be cautious to avoid seeking vengeance on something
whose mere existence bothers them, independent of whether it actually
affects them or not. It's easy to make such a decision, but most
people fail to account for the other side of that "collateral damage".
One cannot assume that all of the non-spamming customers of an ISP
can afford to be blackholed in order to facilitate one's own moral
victory.

Unfortunately, this discussion provides an avenue to the age-old
thread about blackhole lists with political agendas, which imho is
not the point of this thread.

> And I don't think this is a potential solution only for spam; it is 
> appropriate (IMESHO) in other abusive situations too.

Agreed.

> I don't advocate doing it unless you have tried all other reasonable 
> methods to get in touch with the ISP and ask them to disconnect or 
> otherwise educate their customer.

Agreed. However, my impression from the initial post(s) in this thread
is that the specific list(s) in question have not been doing this.

-c





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.