[ppml] Last Call for Comment: Policy Proposal 2002-6 REALITY CHECK
Dr. Jeffrey Race
jrace at attglobal.net
Thu Nov 14 10:59:07 EST 2002
On Thu, 14 Nov 2002 08:17:06 -0600, Bill Darte wrote:
[snip]
>Is it possible to definitively trace spam to an individual or responsible
>party?
Yes, almost always.
1-Occasionally for 'mainsleaze spam' the spammer uses his own SMTP
server. I just got one of these a few minutes ago from Double-click
and reported it to its upstream.
2-Almost always however spammers abuse open relays, open proxies (sometimes
multi-stage, just as you see in the movies), or broken formmail
scripts. In these cases you cannot trace (unless you have access to
the logs, which seldom happens) so you have to look at the 'money
return path' rather than the upload path. This is all elaborated
at <www.camblab.com/nugget/extermin.htm>.
3-For any individual victim it is usually not possible to trace such
cutouts as toll-free numbers. However technical means allow the
cognoscenti who inhabit Spam-L and NANAE to establish footprints for
spammers, and these are very soon documented e.g. at ROKSO. One
can do a lookup on various strings (header fragments, hash marks,
toll free numbers) and identify the very persons involved and their
networks. It turns out there are probably less than one hundred
spammer nests worldwide and if these could be taken down, spam
traffic would decline drastically. They stay in business due to
the collaboration of scum like C&W and UUNet.
>What would be a necessary precursor to suing for the cost associated with
>spam detection and mitigation... state or federal law?
The public resources do not exist to pursue criminal prosecutions or
civil actions. They hardly exist to pursue corporate fraudsters,
crooked politicians, and child molesters. The only hope in the
legal area is to remove the immunities granted to ISPs and backbones
and then, as with the anti-junk-fax legislation, let the public become
their own enforcers.
However all this is beside the point. No new legislation is necessary.
The one thing that works, and works INSTANTLY, is blocklists. The
entire spam nightmare could be over in a few days if the bodies
responsible for IP address and domain name allocation got together and
made it clear (e.g. by RFC) that any internet user, ISP or backbone
is going to be null routed if it allows spam to emit from its network.
Don't laugh. It's true. Read <www.camblab.com/nugget/spam_03.pdf>.
You are going to have to do it, or internet e-mail is going to be a
thing of the past, unusable.
Cheers to all,
Jeffrey Race