[ppml] Abstract of proposed Internet Draft for Best Current Practice (please comment)
arin_ppml at comcept.net
Tue Feb 18 12:10:35 EST 2003
At 11:47 18 02 03 Tuesday, you wrote:
>On Tue, 18 Feb 2003, Brian S. Bergin wrote:
> > >Your original post (possibly the first bullet point) suggested that ISPs
> > >*prevent* this type of abuse. What solutions can you offer that will
> > >allow an ISP to prevent spam?
> > If I might, while I'm new to this list, I deal with the junk daily. The
> > problem is ISPs and individuals buying large blocks of IPs then reselling
> > them to others and then washing their hands of the mess. I can point you
>The question isn't one of ISP policy, it's posed from a technical
>I can prevent outbound port 25 from all dialup/dsl/cable except to my
>servers. I can be proactive when handling spam complaints.
That's quickly becoming a moot point. There are plenty services both in
and out of North America that allow people to send SMTP traffic on other
than port 25 then they in turn send it out on port 25. As more and more
ISPs block port 25 more and more spammers figure out it's easy to get
around. Blocking 25 isn't the answer. IMHO, the biggest thing is to clean
up the open port 25 relays. We were required by our backbone providers to
show that our mail servers were secure. Now blocking inbound port 25 from
Asia and Eastern Europe does cut down on spam by 90%. I know, we've tried
>But how do I *prevent* spam?
> > As for the vocal anti-spammers not agreeing on what constitutes UE, I
> > disagree. UE is any mail sent unsolicited and without the addressee's
> > permission. Furthermore, forged headers or relayed mail is abusive. Go
> > look at the major backbone providers like C&W & uu.net. Their AUPs are
> > quite clear.
>I find that, to many people, everything constitutes spam. A single virus
>transmission or a typoed email address is justification to submit a report
>to any and every one that will listen.
No. Most AUPs have something to the effect of "if it could reasonability
be considered to result in complaints". Every spammer knows what s/he is
doing. A cut-and-dry limit could be set. x number of complaints generates
a contact e-mail to the admin & tech contacts (if they're bounced as
undeliverable the account is suspended). x number of additional complaints
generates a x-hour suspension of IPs. x number more and the account is off
for a month. After that, one more set of complaints and it's off for good
with no refund.
Also, a mis-typed e-mail address or virus is not spam by any AUP I've ever
seen although continued unchecked viruses should result in the ISP
suspending the account until it's corrected. Most will do that if enough
complaints come in.
> > To top it all off, many of these blocks, when SWIP'd, contain fraudulent
> > information. ICANN will revoke a fraudulent or invalid domain
> > why can't ARIN revoke a fraudulent IP SWIP and if the block owner is found
> > to also have fraudulent or invalid registration information they should
> > have their entire block revoked. That's the way the rest of the world
> > works. Do you think the FCC would allow someone to buy a block of
> > frequencies and give them false contact info? The FCC would yank the
>This has nothing to do with spam. This is a valid complaint regardless.
You're right; however, ARIN will NOT go after a block of IPs that has
fraudulent info. I have dozens of tickets with them stating they will not
do anything other than list the fact that the info has been reported as
inaccurate. What good does that do. If the state just issued me
informational 'tickets' for violating the speed limit with no enforcement
teeth do you think I'm ever going to slow down? Until ARIN actually gets
some backbone, and I'm not talking about bandwidth, people will continue to
abuse the IP space by committing fraud to obtain and continue to use them.
Honestly I fail to see why there's so much concern about ARIN enforcing an
AUP or no-fraud clauses. If you don't spam and don't host spammers or if
you actually enforce an AUP and remove spammers I can't see why anyone
would be against this. I would think legit ISPs would welcome the change
at the top. It would given them yet another tool to remove spammers from
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the ARIN-PPML