[arin-ppml] ARIN IPs and Spammers? => Need for Governance

Tony Hain alh-ietf at tndh.net
Mon Nov 10 18:31:24 EST 2014

>From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On Behalf Of William Herrin
>Sent: Monday, November 10, 2014 6:19 AM
>To: Michael Peddemors
>Cc: arin-ppml at arin.net
>Subject: Re: [arin-ppml] ARIN IPs and Spammers? => Need for Governance
>On Mon, Nov 10, 2014 at 10:56 AM, Michael Peddemors <michael at linuxmagic.com> wrote:
>> However, ARIN does have the mandate regarding proper SWIP for 
>> delegated IP Addresses, and enforcement in that area might be the first step.
>Suggest a useful penalty (within ARIN's organizational scope) for the discovery of forged SWIP information. Something a >"bulletproof hoster" wouldn't roll his eyes at but that isn't devastating to a business hit with a false positive.

I agree that ARIN should not be involved in enforcement, but one thing that ARIN (and the other RIR's) could do is make it easier for mail server operators to get *ALL* the blocks assigned to a given organization in one query. I find that "whois n w.x.y.z" often returns the same names as either the swip'd client, or the DC host. It would be much easier from my perspective use those names as input then block all of their space than it is to play wack-a-mole as each client cluster shows up. 

>Also, suggest a process ARIN might use to distinguish between those who were tricked (i.e. victims) versus those who >were  complicit. It is, after all, trivial to anonymously buy a pre-paid debit card and forge a fax-quality image of a driver's >license.

More information about the ARIN-PPML mailing list