Dr. Jeffrey Race
jrace at attglobal.net
Wed Feb 19 04:29:42 EST 2003
See inline comments
On Tue, 18 Feb 2003 21:33:02 -0500, Ron da Silva wrote:
>Ok, suppose we define spam as above. Now what? Is there a mechanism
>to traceback ARIN resources currently in use by the originator?
Yes I do a lookup on the upload and return paths (see
<www.camblab.com/nugget/extermin.htm> for my MO).
>as a clear mechanism to traceback the sender himself!)
We don't need that because (in the case of an open relay or
proxy, or dialup) it is the responsibility of the custodian of
the Internet resources (e.g. mail servers or modem pools) used.
The custodian of these resources is responsible for taking action.
And then, suppose
>we have identified that entity and its ARIN resources but that entity
>is not a direct member of ARIN. What action do you
>propose be taken?
Here's where I need your help. I don't want to make the proposal
too specific. But I want it clear that there is a chain of custody
of delegated resources and they come with conditions. I don't
know how it is done now. Contracts might have to be rewritten.
It is clear with the well-managed ISPs and backbones: they have
an abuse-forbidding AUP and it binds every contracting and sub-
contracting party. Something like this needs to be enforced for
IP addresses delegations. The irreducibly essential point is that
this public resource is borrowed for use during good behavior.
As noted in previous post, the RIRs only would become involved in
cases of prolonged egregious negligence or tortious conduct. If
it were known that address space could be yanked, the bad hats
would not dare to misbehave as at present.
Comments please . . . .
More information about the ARIN-PPML