[ppml] Last Call for Comment: Policy Proposal 2002-6 REALITY CHECK
Dr. Jeffrey Race
jrace at attglobal.net
Thu Nov 14 10:59:07 EST 2002
On Thu, 14 Nov 2002 08:17:06 -0600, Bill Darte wrote:
>Is it possible to definitively trace spam to an individual or responsible
Yes, almost always.
1-Occasionally for 'mainsleaze spam' the spammer uses his own SMTP
server. I just got one of these a few minutes ago from Double-click
and reported it to its upstream.
2-Almost always however spammers abuse open relays, open proxies (some-
times multi-stage, just as you see in the movies), or broken formmail
scripts. In these cases you cannot trace (unless you have access to
the logs, which seldom happens) so you have to look at the 'money
return path' rather than the upload path. This is all elaborated
3-For any individual victim it is usually not possible to trace such
cutouts as toll-free numbers. However technical means allow the
cognoscenti who inhabit Spam-L and NANAE to establish footprints for
spammers, and these are very soon documented e.g. at ROKSO. One
can do a lookup on various strings (header fragments, hash marks,
toll free numbers) and identify the very persons involved and their
networks. It turns our there are probably less than one hundred
spammer nests worldwide and if these could be taken down, spam
traffic would decline drastically. They stay in business due to
the collaboration of scum like C&W and UUNet.
>What would be a necessary precursor to suing for the cost associated with
>spam detection and mitigation... state or federal law?
The public resources to not exist to pursue criminal prosecutions or
civil actions. They hardly exist to pursue corporate fraudsters,
crooked politicians, and child molesters. The only hope in the
legal area is to remove the immunities granted to ISPs and backbones
and then, as with the anti-junk-fax legislation, let the public become
their own enforcers.
However all this is beside the point. No new legislation is necessary.
The one thing that works, and works INSTANTLY, is blocklists. The
entire spam nightmare could be over in a few days if the bodies
responsible for IP address and domain name allocation got together and
made it clear (e.g. by RFC) that any internet user, ISP or backbone
is going to be null routed if it allows spam to emit from its network.
Don't laugh. It's true. Read <www.camblab.com/nugget/spam_03.pdf>.
You are going to have to do it, or internet e-mail is going to be a
thing of the past, unusable.
Cheers to all,
More information about the ARIN-PPML