[ppml] Abstract of proposed Internet Draft for Best Current Practice (please comment)

Brian S. Bergin arin_ppml at comcept.net
Tue Feb 18 10:25:23 EST 2003

At 09:58 18 02 03 Tuesday, J Bacher wrote:

>On Tue, 18 Feb 2003, Dr. Jeffrey Race wrote:
> > >Are you proposing that ARIN revoke certain resources (assignments,
> > >allocations, ASNs, etc) under certain conditions to influence
> > >certain behaviors (decreasing SPAM propagation)?
> >
> > Yes! It is the only way proven to ensure good behavior among the
> > refractory and the negligent.   It gets their attention.   Initially
> > Why not and what can be done?   It is an obvious loophole in the
> > system from the point of view of a sociologist of group behavior.
> > If the Motor Vehicle Registry can't revoke licenses for abuse,
> > of course the drivers will ignore the rules.
>The state can revoke a license under authority of the law.
>Vocal anti-spammers can't even agree as to what exactly constitutes the
>various types of unsolicited email.  I can't see how we can expect to
>draft a proposal that goes above any law in this country and expect ARIN
>to have the resources to enforce it.
>Your original post (possibly the first bullet point) suggested that ISPs
>*prevent* this type of abuse.  What solutions can you offer that will
>allow an ISP to prevent spam?

If I might, while I'm new to this list, I deal with the junk daily.  The 
problem is ISPs and individuals buying large blocks of IPs then reselling 
them to others and then washing their hands of the mess.  I can point you 
to dozens of examples of this.  Someone goes out and buy 30-40 /24's then 
sells them to whomever will pay for them and since they're not hosted on 
the same backbone as the address owner they are not held liable by their 
upstream provider(s) for the spam generated on the resold blocks.  Those 
blocks often end up in Asia or South America where ISPs often do not 
enforce any kind of AUP.

As for the vocal anti-spammers not agreeing on what constitutes UE, I 
disagree.  UE is any mail sent unsolicited and without the addressee's 
permission.  Furthermore, forged headers or relayed mail is abusive.  Go 
look at the major backbone providers like C&W & uu.net.  Their AUPs are 
quite clear.

To top it all off, many of these blocks, when SWIP'd, contain fraudulent 
information.  ICANN will revoke a fraudulent or invalid domain registration 
why can't ARIN revoke a fraudulent IP SWIP and if the block owner is found 
to also have fraudulent or invalid registration information they should 
have their entire block revoked.  That's the way the rest of the world 
works.  Do you think the FCC would allow someone to buy a block of 
frequencies and give them false contact info?  The FCC would yank the 
licenses immediately with NO refund.  ARIN must evolve to function like the 
rest of the world.  Apply existing fraud laws.  If someone obtains goods or 
services under misleading or fraudulent circumstances no matter the 
intended use they have violated criminal laws in every state and Federal 
laws as well.  Why can't ARIN use existing laws to go after them?

Anyway, if ARIN doesn't get its act together count on the government coming 
up with a "solution" that doesn't work and is impossible to 
enforce.  Simple rules work best.  Register your IPs with valid info.  Keep 
that info up to date.  Follow an established AUP with those IPs.  Violate 
any one and you lose them all with no refund.

ComCept Solutions, LLC.

Brian S. Bergin
Network Systems Administrator

(828) 265-1234
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20030218/342fa6ac/attachment-0001.html>

More information about the ARIN-PPML mailing list