[ppml] Abstract of proposed Internet Draft for Best Current Practice (please comment)
Brian S. Bergin
arin_ppml at comcept.net
Tue Feb 18 10:25:23 EST 2003
At 09:58 18 02 03 Tuesday, J Bacher wrote:
>On Tue, 18 Feb 2003, Dr. Jeffrey Race wrote:
> > >Are you proposing that ARIN revoke certain resources (assignments,
> > >allocations, ASNs, etc) under certain conditions to influence
> > >certain behaviors (decreasing SPAM propagation)?
> > Yes! It is the only way proven to ensure good behavior among the
> > refractory and the negligent. It gets their attention. Initially
> > Why not and what can be done? It is an obvious loophole in the
> > system from the point of view of a sociologist of group behavior.
> > If the Motor Vehicle Registry can't revoke licenses for abuse,
> > of course the drivers will ignore the rules.
>The state can revoke a license under authority of the law.
>Vocal anti-spammers can't even agree as to what exactly constitutes the
>various types of unsolicited email. I can't see how we can expect to
>draft a proposal that goes above any law in this country and expect ARIN
>to have the resources to enforce it.
>Your original post (possibly the first bullet point) suggested that ISPs
>*prevent* this type of abuse. What solutions can you offer that will
>allow an ISP to prevent spam?
If I might, while I'm new to this list, I deal with the junk daily. The
problem is ISPs and individuals buying large blocks of IPs then reselling
them to others and then washing their hands of the mess. I can point you
to dozens of examples of this. Someone goes out and buy 30-40 /24's then
sells them to whomever will pay for them and since they're not hosted on
the same backbone as the address owner they are not held liable by their
upstream provider(s) for the spam generated on the resold blocks. Those
blocks often end up in Asia or South America where ISPs often do not
enforce any kind of AUP.
As for the vocal anti-spammers not agreeing on what constitutes UE, I
disagree. UE is any mail sent unsolicited and without the addressee's
permission. Furthermore, forged headers or relayed mail is abusive. Go
look at the major backbone providers like C&W & uu.net. Their AUPs are
To top it all off, many of these blocks, when SWIP'd, contain fraudulent
information. ICANN will revoke a fraudulent or invalid domain registration
why can't ARIN revoke a fraudulent IP SWIP and if the block owner is found
to also have fraudulent or invalid registration information they should
have their entire block revoked. That's the way the rest of the world
works. Do you think the FCC would allow someone to buy a block of
frequencies and give them false contact info? The FCC would yank the
licenses immediately with NO refund. ARIN must evolve to function like the
rest of the world. Apply existing fraud laws. If someone obtains goods or
services under misleading or fraudulent circumstances no matter the
intended use they have violated criminal laws in every state and Federal
laws as well. Why can't ARIN use existing laws to go after them?
Anyway, if ARIN doesn't get its act together count on the government coming
up with a "solution" that doesn't work and is impossible to
enforce. Simple rules work best. Register your IPs with valid info. Keep
that info up to date. Follow an established AUP with those IPs. Violate
any one and you lose them all with no refund.
ComCept Solutions, LLC.
Brian S. Bergin
Network Systems Administrator
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the ARIN-PPML